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(57)Abstract: 

PROBLEM TO BE SOLVED: To provide a configuration capable of limiting a data 
processor to utilize contents. 

SOLUTION: As a reproduction execution condition of contents stored on a removable 
storage device such as memory card, the device can acquire a contents key, which can be 
decoded by effective key blockCEKB) processing. Further, the device performs recording 
processing to the removable storage device or the device designated in the case of 
contents purchasing processing can be set. Thus, even when a plurality of devices 
capable of decoding the same EKB exist, a device capable of reproducing the contents 
stored on the removable storage device can be limited to only one device. 



LEGAL STATUS [Date of request for examination] 12.02.2003 
[Date of sending the examiner*s decision of rejection] 19.01.2005 

[Kind of final disposal of application other than the examiner's decision of rejection or 
application converted registration] 
[Date of final disposal for application] 
[Patent number] 
[Date of registration] 

[Number of appeal against examiner's decision of rejection] 

[Date of requesting appeal against examiner's decision of rejection] 

[Date of extinction of right] 

* NOTICES * 

JPG and NCIPI are not responsible for any 
damages caused by the use of this translation, 

1. This document has been translated by computer. So the translation may not reflect 
the original precisely. 

2. **** shows the word which can not be translated. 
3 .In the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim l] The storage means which stored the device node key (DNK) which becomes 
each node which constitutes the hierarchy tree structure which used as the leaf the 
information recording device with which plurality differs in the information recording 
device which records information on a record medium from the node key of a proper, and 
the leaf key of each information recording device proper, It has a cipher-processing 
means to perform cipher processing of the storing data to said record medium. Said 
cipher-processing means Cipher processing which applied the cryptographic key (Kcon) 
to the characteristic value of the specific data regenerative apparatus which reproduces 
the storing data of said record medium is performed. Generate the cryptographic key 
(Kst) applied to said storing data, and the storing data encryption processing by this 
cryptographic key (Kst) generates encryption data:Enc (Kst, DATA). The cryptographic 
key (Kcon) applied to cipher processing of said characteristic value The cryptographic 



key data enciphered using the hierarchy tree configuration key stored in the vaUdation 
key block (EKB) which enciphered the high order key of said hierarchy tree by a low 
order hierarchy's node key or the key of a leaf key which contains either at least are 
generated. Said encryption data, The information recording device characterized by 
having the configuration which performs processing which stores the data file 
containing said cryptographic key data, and said validation key block (EKB) in said 
"record medium. 

[Claim 2] It is the information recording device according to claim 1 which said specific 
data regenerative apparatus is said information recording device itself, and is 
characterized by said characteristic value being the characteristic value matched with 
said information recording device. 

[Claim 3] Said information recording apparatus is a contents distribution terminal 
which performs distribution of contents. Said specific data regenerative apparatus It is 
a data regenerative apparatus using the download contents firom said contents 
distribution terminal. Said characteristic value It is the information recording 
apparatus according to claim 1 characterized by being the configuration of performing 
cipher processing which is the characteristic value matched with said data regenerative 
apparatus, and applied said cryptographic key (Kcon) to the characteristic value 
matched with said data regenerative apparatus into which said information recording 
apparatus was inputted from the outside. 

[Claim 4] The characteristic value of said data regenerative apparatus is an information 
recording device according to claim 1 characterized [ at this data regenerative 
apparatus ] by being discernment data of a proper the telephone number or the data 
regenerative apparatus of a proper. 

[Claim 5] Said record medium is an information recording apparatus according to claim 
1 characterized by being a removable removable record medium to said information 
recording apparatus. 

[Claim 6] The hierarchy tree configuration key stored in said validation key block (EKB) 
is an information recording device according to claim 1 characterized by being root 
key'Kroot set up to the root which is the top -most-vertices node of this hierarchy tree. 
[Claim 7] The hierarchy tree configuration key stored in said validation key block (EKB) 
is an information recording device according to claim 1 characterized by being a key 
acquirable [ with decode processing of said validation key block (EKB) by said device 
node key (DNK) ]. 

[Claim 8] The hierarchy tree configuration key stored in said validation key block (EKB) 
It is constituted as a key which can be updated. Said information recording device The 



updated hierarchy tree configuration key which was stored in the validation key block 
(EKB) which enciphered the high order key of said hierarchy tree by a low order 
hierarchy's node key, or the key of a leaf key which contains either at least The 
information recording device according to claim 1 characterized by having the 
configuration acquired by decode processing of said vahdation key block (EKB) by said 
device node key (DNK). 

[Claim 9] Said cipher-processing means is an information recording device according to 
claim 1 characterized by being the configuration which generates the cryptographic key 
(Kcon) to the characteristic value of said information recording device based on a 
random number. 

[Claim 10] In the information regenerative apparatus which performs regeneration of 
the storing data stored in the record medium The storage means which stored the 
device node key (DNK) which becomes each node which constitutes the hierarchy tree 
structure which used as the leaf the information regenerative apparatus with which 
plurality differs ifrom the node key of a proper, and a leaf key peculiar to each 
information ******, It has a cipher-processing means to perform decode processing of 
the storing data of said record medium. Said cipher-processing means The validation 
key block (EKB) which enciphered the high order key of said hierarchy tree stored in 
said record medium by a low order hierarchy's node key or the key of a leaf key which 
contains either at least is decoded using said device node key (DNK). The hierarchy tree 
configuration key stored in this validation key block (EKB) is acquired. Acquire a 
cryptographic key (Kcon) by decode processing of the cryptographic key data enciphered 
using said hierarchy tree configuration key stored in said record medium, and 
characteristic value of an information regenerative apparatus own [ said ] is received: 
Storing encryption data perform cipher processing which applied said cryptographic key 
(Kcon), generate the decode key (Kst) applied to said storing data, and according to this 
decode key (Kst): The information regenerative apparatus characterized by having the 
configuration which performs decode processing of Enc (Kst, DATA). 
[Claim 11] The characteristic value of said information regenerative apparatus is an 
information regenerative apparatus according to claim 10 characterized [ at this 
information regenerative apparatus ] by being discernment data of a proper the 
telephone number or the information regenerative apparatus of a proper. 
[Claim 12] Said record medium is an information regenerative apparatus according to 
claim 10 characterized by being a removable removable record medium to said 
information regenerative apparatus. 

[Claim 13] The hierarchy tree configuration key stored in said validation key block 



(EKB) is an information regenerative apparatus according to clairn 10 characterized by 
being root key-Kroot set up to the root which is the top -most* vertices node of this 
hierarchy tree. 

[Claim 14] The hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information regenerative 
apparatus The updated hierarchy tree configuration key which was stored in the 
validation key block (EKB) which enciphered the high order key of said hierarchy tree 
by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least The information regenerative apparatus according to claim 10 characterized by 
having the configuration acquired by decode processing of said validation key block 
(EKB) by said device node key (DNK). 

[Claim 15] The storage means which stored the device node key (DNK) which becomes 
each node which constitutes the hierarchy tree structure which used as the leaf the 
information recording device with which plurality differs from the node key of a proper, 
and the leaf key of each information recording device proper. In the information record 
approach for said record medium in the information recording device which has a 
cipher-processing means to perform cipher processing of the storing data to a record 
medium Cipher processing which applied the cryptographic key (Kcon) to the 
characteristic value of the specific data regenerative apparatus which reproduces the 
storing data of said record medium is performed. The step which generates the 
cryptographic key (Kst) applied to said storing data, the storing data encryption 
processing by said cryptographic key (Kst) encryption data^ with the step which 
generates Enc (Kst, DATA) The cryptographic key (Kcon) applied to cipher processing of 
said characteristic value The step which generates the cryptographic key data 
enciphered using the hierarchy tree configuration key stored in the validation key block 
(EKB) which enciphered the high order key of said hierarchy tree by a low order 
hierarchy's node key, or the key of a leaf key which contains either at least, and said 
encrj^tion data. The information record approach characterized by having the step 
which stores the data file containing said cr3T)tographic key data, and said validation 
key block (EKB) in said record medium. 

[Claim 16] It is the information record approach according to claim 15 which said 
specific data regenerative apparatus is said information recording device itself, and is 
characterized by said characteristic value being the characteristic value matched with 
said information recording device. 

[Claim 17] Said information recording apparatus is a contents distribution terminal 
which performs distribution of contents. Said specific data regenerative apparatus It is 



a data regenerative apparatus using the download contents from said contents 
distribution terminal. Said characteristic value Are the characteristic value matched 
with said data regenerative apparatus, and the step which generates said cryptographic 
key (Kst) The information record approach according to claim 15 characterized by 
including the step which performs cipher processing which applied said cryptographic 
key (Kcon) from the outside to the characteristic value matched with said inputted data 
regenerative apparatus. 

[Claim 18] The characteristic value of said data regenerative apparatus is the 
information record approach according to claim 15 characterized [ at this data 
regenerative apparatus ] by being discernment data of a proper the telephone number 
or the data regenerative apparatus of a proper. 

[Claim 19] Said record medium is the information record approach according to claim 15 
characterized by being a removable removable record medium to said information 
recording apparatus. 

[Claim 20] The hierarchy tree configuration key stored in said validation key block 
(EKB) is the information record approach according to claim 15 characterized by being 
root key:Kj:oot set up to the root which is the top-most-vertices node of this hierarchy 
tree. 

[Claim 21] The hierarchy tree configuration key stored in said validation key block 
(EKB) is the information record approach according to claim 15 characterized by being a 
key acquirable [ with decode processing of said validation key block (EKB) by said 
device node key (DNK) ]. 

[Claim 22] The hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information record 
approach Furthermore;, the updated hierarchy tree configuration key which was stored 
in the validation key block (EKB) which enciphered the high order key of said hierarchy 
tree by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least The information record approach according to claim 15 characterized by including 
the step which performs processing acquired by decode processing of said validation key 
block (EKB) by said device node key (DNK). 

[Claim 23] Said information record approach is the information record approach 
according to claim 15 characterized by having further the step which generates the 
cryptographic key (Kcon) to the characteristic value of said information recording device 
based on a random number. 

[Claim 24] The storage means which stored the device node key (DNK) which becomes 
each node which constitutes the hierarchy tree structure which used as the leaf the 



information regenerative apparatus with which plurality differs from the node key of a 
proper, and a leaf key peculiar to each information In the information playback 

approach of performing regeneration of the storing data stored in said record medium in 
the information regenerative apparatus which has a cipher-processing means to 
perform decode processing of the storing data of a record medium The validation key 
block (EKB) which enciphered the high order key of said hierarchy tree stored in said 
record mediumTby a low order hierarchy's node key or the key of a leaf key which 
contains either at least is decoded using said device node key (DNK). The step which 
acquires the hierarchy tree configuration key stored in this validation key block (EKB), 
The step which acquires a cryptographic key (Kcon) by decode processing of the 
cr3rptographic key data enciphered using said hierarchy tree configuration key stored in 
said record medium. Cipher processing which applied said cryptographic key (Kcon) is 
performed to characteristic value of an information regenerative apparatus own [ said ]. 
Storing encryption data generate the decode key (Kst) applied to said storing data, and 
according to this decode key (Kst): The information playback approach characterized by 
having the step which performs decode processing of Enc (Kst, DATA). 
[Claim 25] The characteristic value of said information regenerative apparatus is the 
information playback approach according to claim 24 characterized [ at this information 
regenerative apparatus ] by being discernment data of a proper the telephone number 
or the information regenerative apparatus of a proper. 

[Claim 26] Said record medium is the information playback approach according to claim 
24 characterized by being a removable removable record medium to said information 
regenerative apparatus. 

[Claim 27] The hierarchy tree configuration key stored in said validation key block 
(EKB) is the information playback approach according to claim 24 characterized by 
being root key^Kroot set up to the root which is the top-most-vertices node of this 
hierarchy tree. 

[Claim 28] The hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information playback 
approach Furthermore, the updated hierarchy tree configuration key which was stored 
in the validation key block (EKB) which enciphered the high order key of said hierarchy 
tree by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least The information playback approach according to claim 24 characterized by 
including the step acquired by decode processing of said validation key block (EKB) by 
said device node key (DNK). 

[Claim 29] The storage means which stored the device node key (DNK) which becomes 



each node which constitutes the hierarchy tree structure which used as the leaf the 
information recording device with which plurality differs from the node key of a proper, 
and the leaf key of each information recording device proper, It is the program which 
makes the information record processing to said record medium in the information 
recording device which has a cipher-processing means to perform cipher processing of 
the storing data to a record medium perform on computer system. Said program 
performs cipher processing which applied the cryptographic key (Keen) to the 
characteristic value of the specific data regenerative apparatus which reproduces the 
storing data of said record medium. The step which generates the cryptographic key 
(Kst) applied to said storing data, the storing data encryption processing by said 
cryptographic key (Kst) - encryption data: - with the step which generates Enc (Kst, 
DATA) The cryptographic key (Kcon) applied to cipher processing of said characteristic 
value The step which generates the cryptographic key data enciphered using the 
hierarchy tree configuration key stored in the validation key block (EKB) which 
enciphered the high order key of said hierarchy tree by a low order hierarchy's node key, 
or the key of a leaf key which contains either at least, and said encryption data. The 
program characterized by having the step which stores the data file containing said 
cryptographic key data, and said validation key block (EKB) in said record medium. 
[Claim 30] The storage means which stored the device node key (DNK) which becomes 
each node which constitutes the hierarchy tree structure which used as the leaf the 
information regenerative apparatus with which plurality differs from the node key of a 
proper, and a leaf key pecuUar to each information ******, It can set to the information 
regenerative apparatus which has a cipher-processing means to perform decode 
processing of the storing data of a record medium. It is the program which makes 
regeneration of the storing data stored in said record medium perform on computer 
system. Said program The validation key block (EKB) which enciphered the high order 
key of said hierarchy tree stored in said record medium by a low order hierarchy's node 
key or the key of a leaf key which contains either at least is decoded using said device 
node key (DNK). The step which acquires the hierarchy tree configuration key stored in 
this validation key block (EKB), The step which acquires a cryptographic key (Kcon) by 
decode processing of the cryptographic key data enciphered using said hierarchy tree 
configuration key stored in said record medium. Cipher processing which applied said 
cryptographic key (Kcon) is performed to characteristic value of an information 
regenerative apparatus own [ said ]. Storing encryption data generate the decode key 
(Kst) applied to said storing data, and according to this decode key (Kst)' The program 
characterized by having the step which performs decode processing of Enc (Kst, DATA). 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a program at an information recording 
device, an information regenerative apparatus and the information record approach, the 
information playback approach, and a list. Especially, only in a just contents utilization 
device, activation of playback of various contents, such as music, an image, a game, and 
a program, is enabled, and it is related with a program at the information recording 
device which realized the configuration which eliminates migration playback of the 
inaccurate contents through a removable storage device, an information regenerative 
apparatus and the information record approach, the information playback approach, 
and a list. 
[0002] 

[Description of the Prior Art] The contents negotiation which circulates various 
software data (these are hereafter called contents (Content)), such as music data, a 
game program, and image data, through the storage of networks, such as the Internet, 
or a memory card, DVD, CD, etc., etc. which can be circulated prospers these days. PC 
(Personal Computer) with which a user owns these negotiation contents, a cellular 
phone, a data regenerative apparatus, or a game device receives immediate data, it 
stores in an internal memory or the purchase of contents and regeneration are 
performed by the approach of storing data in an internal memory through storages, 
such as a memory card, and CD, DVD. 

[0003] In information machines and equipment, such as a cellular phone, a data 
regenerative apparatus, a game device, and PC, it has an interface for accessing the 
reception function for receiving negotiation contents from a network, DVD, CD, etc., and 
has in them RAM, ROM, etc. which are used as a memory area of the control means 
which is further needed for playback of contents, a program, and data, 
[0004] By directions of the user through the input means connected [ which were 
connected and was user-directed ] from bodies of information machines and equipment, 
such as a cellular phone used as a playback device, a data regenerative apparatus, a 
game device, and PC, various contents, such as music data, image data, or a program, 
are called from the storage in which built-in or attachment and detachment is free, and 



are reproduced through the body of information machines and equipment or the 
connected display, a loudspeaker, etc. 

[0005] Generally as for many software contents, such as a game program, music data, 
and image data, the right of distribution etc. is held by the implementer and the vender. 
Therefore, it is common to permit the activity of software, and for reproduction without 
authorization etc. to be made not to be performed, namely, to take the configuration in 
consideration of security only to a fixed utilization limit, i.e., a regular user, on the 
occasion of distribution of these contents. 

[0006] One technique of realizing the utilization limit to a user is encryption processing 
of distribution contents. That is, while distributing various contents, such as voice data 
enciphered, for example through the Internet etc., image data, and a game program, it 
is a means, i.e., the configuration which gives a decode key, to decode the distributed 
encrjTJtion contents only to those who were checked as he is a registered user. 
[0007] Encryption data can be returned to available decode data (plaintext) by 
decrj^tion processing in a predetermined procedure. The data encrj^ption and the 
decryption approach of using an encryption key for encryption processing of such 
information, and using a decryption key for decryption processing are well learned firom 
the former. 

[0008] Although it is seeds, there are various methods currently called the so-called 
common key encryptosystem-ized method as the one example in the mode of the data 
encrj^tion and the decryption approach using an encryption key and a decryption key. A 
common key encryptosystem-ized method gives the encryption key used for data 
encryption processing, and the common key which uses for these encryption processing 
and a decrj^tion the decryption key used for a decryption of data as a common thing at 
the user of normal, and eliminates the data access by the inaccurate user without a key. 
DES (data code criterion^ Deta encryption standard) is in the typical method of this 
method. 

[0009] On the other hand, for example based on a certain password etc., a Hash 
Function etc. can obtain the encryption key and decryption key which are used for 
above-mentioned encryption processing and a decryption with the application of a 
tropism function. On the other hand, it is the function which becomes very difficult [ a 
tropism function ] for asking reverse for an input from the output. For example, on the 
other hand, a tropism function is applied by considering the password which the user 
decided as an input, and an encryption key and a decryption key are generated based on 
the output. Thus, the parenchyma top of asking reverse for the password which is data 
of the original copy becomes impossible firom the obtained encryption key and a 



decryption key. 

[0010] Moreover, the method which made a different algorithm processing with the 
encryption key used when enciphering, and processing of the decryption key used when 
decoding is a method called the so-called public key-encryption-ized method. An 
unspecified user is the approach of using an usable pubUc key, and a 
pubUc keyencryption-ized method performs encryption processing using the public key 
^itlT which the specific individual published the encryption document to a specific 
individual. The decode processing of the document enciphered with the public key is 
attained only with the private key corresponding to the public key used for the 
encryption processing. Since only the individual who published the public key owns a 
private key, only an individual with a private key can decode the document enciphered 
with the public key. A RSA (Rivest- Shamir- Adleman) code is one of the typical things of 
a public-keyencrjTption-ized method. By using such a cipher system, the system which 
enables the decode of encryption contents only to a registered user becomes possible. 
[0011] 

[Problem(s) to be Solved by the Invention] However, when the contents purchased by 
the normal purchaser are once decoded, for example, it is copied to removable storage 
devices, such as a memory card, as it is, set contents storing storage to the device which 
other users who are the non-purchasers of contents have, and it is reproduced, or it is 
copied to the storage of further others, and there is possibility of being used for much 
more users. Thus, the secondary negotiation of disorderly contents may occur based on 
one normal purchase of contents. 

[0012] This invention solves the trouble of such a conventional technique, makes 
available the contents stored in removable storage devices, such as a memory card, only 
in the device of the normal purchaser of contents, and aims at preventing setting the 
contents stored in the memory card etc. to other devices, and being reproduced and used 
unjustly. 

[0013] Furthermore, this invention aims at offering the configuration made available 
only in the specific playback device by which a normal purchase user has purchase 
contents in it when removable storage devices, such as a memory card which a user 
owns, are set, contents are stored in storage and it performs the purchase of contents to 
the contents distribution terminal which a service provider manages. 
[0014] 

[Means for Solving the Problem] In the information recording device with which the 1st 
side face of this invention records information on a record medium The storage means 
which stored the device node key (DNK) which becomes each node which constitutes the 



hierarchy tree structure which used as the leaf the information recording device with 
which pluraUty differs from the node key of a proper, and the leaf key of each 
information recording device proper, It has a cipher-processing means to perform cipher 
processing of the storing data to said record medium. Said cipher-processing means 
Cipher processing which appUed the cryptographic key (Kcon) to the characteristic 
value of the specific data regenerative apparatus which reproduces the storing data of 
said record medium is performed. Generate the crj^tographic key (Kst) applied to said 
storing data, and the storing data encrjrption processing by this cryptographic key (Kst) 
generates encryption data^Enc (Kst, DATA). The cryptographic key (Kcon) applied to 
cipher processing of said characteristic value The cryptographic key data enciphered 
using the hierarchy tree configuration key stored in the validation key block (EKB) 
which enciphered the high order key of said hierarchy tree by a low order hierarchy's 
node key or the key of a leaf key which contains either at least are generated. Said 
encryption data. It is in the information recording device characterized by having the 
configuration which performs processing which stores the data fi^le containing said 
cryptographic key data, and said validation key block (EKB) in said record medium. 
[0015] Furthermore, in one embodiment of the information recording apparatus of this 
invention, said specific data regenerative apparatus is said information recording 
apparatus itself, and said characteristic value is characterized by being the 
characteristic value matched with said information recording apparatus. 
[0016] In one embodiment of the information recording device of this invention 
furthermore, said information recording device It is the contents distribution terminal 
which performs distribution of contents. Said specific data regenerative apparatus It is 
a data regenerative apparatus using the download contents firom said contents 
distribution terminal. Said characteristic value It is the characteristic value matched 
with said data regenerative apparatus, and said information recording apparatus is 
characterized by being the configuration of performing cipher processing which applied 
said crj^tographic key (Kcon) to the characteristic value matched with said data 
regenerative apparatus inputted fi:om the outside. 

[0017] Furthermore, in one embodiment of the information recording apparatus of this 
invention, characteristic value of said data regenerative apparatus is characterized [ at 
this data regenerative apparatus ] by being discernment data of a proper the telephone 
number or the data regenerative apparatus of a proper. 

[0018] Furthermore, in one embodiment of the information recording device of this 
invention, said record medium is characterized by being a removable removable record 
medium to said information recording device. 



[0019] Furthermore, in one embodiment of the information recording apparatus of this 
invention, the hierarchy tree configuration key stored in said validation key block 
(EKB) is characterized by being root key^Kroot set up to the root which is the 
top -most- vertices node of this hierarchy tree. 

[0020] Furthermore, in one embodiment of the information recording apparatus of this 
invention, the hierarchy tree configuration key stored in said vahdation key block 
(EKB) is characterized by being a key acquirablis [ with decode processing of said 
validation key block (EKB) by said device node key (DNK) 1. 

[0021] In one embodiment of the information recording apparatus of this invention, 
furthermore, the hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information recording 
device The updated hierarchy tree configuration key which was stored in the validation 
key block (EKB) which enciphered the high order key of said hierarchy tree by a low 
order hierarchy's node key, or the key of a leaf key which contains either at least It is 
characterized by having the configuration acquired by decode processing of said 
validation key block (EKB) by said device node key (DNK). 

[0022] Furthermore, in one embodiment of the information recording device of this 
invention, said cipher-processing means is characterized by being the configuration 
which generates the cryptographic key (Kcon) to the characteristic value of said 
information recording device based on a random number. 

[0023] Furthermore, the 2nd side face of this invention is set to the information 
regenerative apparatus which performs regeneration of the storing data stored in the 
record medium. The storage means which stored the device node key (DNK) which 
becomes each node which constitutes the hierarchy tree structure which used as the leaf 
the information regenerative apparatus with which plurality differs fi-om the node key 
of a proper, and a leaf key peculiar to each information ******, It has a 
cipher-processing means to perform decode processing of the storing data of said record 
medium. Said cipher-processing means The validation key block (EKB) which 
enciphered the high order key of said hierarchy tree stored in said record medium by a 
low order hierarchy's node key or the key of a leaf key which contains either at least is 
decoded using said device node key (DNK). The hierarchy tree configuration key stored 
in this validation key block (EKB) is acquired. Acquire a cryptographic key (Kcon) by 
decode processing of the cr3rptographic key data enciphered using said hierarchy tree 
configuration key stored in said record medium, and characteristic value of an 
information regenerative apparatus own [ said ] is received. Storing encryption data 
perform cipher processing which applied said cryptographic key (Kcon), generate the 



decode key (Kst) applied to:said storing data, and according to this decode key (Kst)* Be 
in the information regenerative apparatus characterized by having the configuration 
which performs decode processing of Enc (Kst, DATA). 

[0024] Furthermore, in one embodiment of the information regenerative apparatus of 
this invention, characteristic value of said information regenerative apparatus is 
characterized [ at this information regenerative apparatus ] by being discernment data 
of a proper the telephone number or the information regenerative apparatus of a proper. 
[0025] Furthermore, in one embodiment of the information regenerative apparatus of 
this invention, said record medium is characterized by being a removable removable 
record medium to said information regenerative apparatus. 

[0026] Furthermore, in one embodiment of the information regenerative apparatus of 
this invention, the hierarchy tree configuration key stored in said validation key block 
(EKB) is characterized by being root key^Kroot set up to the root which is the 
top -most-vertices node of this hierarchy tree. 

[0027] In one embodiment of the information regenerative apparatus of this invention, 
furthermore, the hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information regenerative 
apparatus The updated hierarchy tree configuration key which was stored in the 
validation key block (EKB) which enciphered the high order key of said hierarchy tree 
by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least It is characterized by having the configuration acquired by decode processing of 
said vaUdation key block (EKB) by said device node key (DNK). 

[0028] Furthermore, the storage means which stored the device node key (DNK) to 
which the 3rd side face of this invention becomes each node which constitutes the 
hierarchy tree structure which used as the leaf the information recording device with 
which plurality differs from the node key of a proper, and the leaf key of each 
information recording device proper, In the information record approach for said record 
medium in the information recording device which has a cipher-processing means to 
perform cipher processing of the storing data to a record medium Cipher processing 
which applied the cr3rptographic key (Kcon) to the characteristic value of the specific 
data regenerative apparatus which reproduces the storing data of said record medium is 
performed. The step which generates the cryptographic key (Kst) applied to said storing 
data, the storing data encryption processing by said cryptographic key (Kst) " 
encryption data: with the step which generates Enc (Kst, DATA) The cryptographic 
key (Kcon) applied to cipher processing of said characteristic value The step which 
generates the cryptographic key data enciphered using the hierarchy tree configuration 



key stored in the validation key block (EKB) which enciphered the high order key of 
said hierarchy tree by a low order hierarchy's node key, or the key of a leaf key which 
contains either at least, and said encryption data, It is in the information record 
approach characterized by having the step which stores the data file containing said 
cryptographic key data, and said validation key block (EKB) in said record medium. 
[0029] Furthermore, in one embodiment of the information record approach of this 
" invention, said specific data regenerative apparatus is said information recording device 
itself, and said characteristic value is characterized by being the characteristic value 
matched with said information recording device. 

[0030] In one embodiment of the information record approach of this invention 
furthermore, said information recording device It is the contents distribution terminal 
which performs distribution of contents. Said specific data regenerative apparatus It is 
a data regenerative apparatus using the download contents fi:om said contents 
distribution terminal. Said characteristic value It is the characteristic value matched 
with said data regenerative apparatus, and the step which generates said cryptographic 
key (Kst) is characterized by including the step which performs cipher processing which 
applied said cryptographic key (Kcon) to the characteristic value matched with said 
data regenerative apparatus inputted from the outside. 

[0031] Furthermore, in one embodiment of the information record approach of this 
invention, characteristic value of said data regenerative apparatus is characterized [ at 
this data regenerative apparatus ] by being discernment data of a proper the telephone 
number or the data regenerative apparatus of a proper. 

[0032] Furthermore, in one embodiment of the information record approach of this 
invention, said record medium is characterized by being a removable removable record 
medium to said information recording apparatus. 

[0033] Furthermore, in one embodiment of the inforniation record approach of this 
invention, the hierarchy tree configuration key stored in said validation key block 
(EKB) is characterized by being root key^Kroot set up to the root which is the 
top-most-vertices node of this hierarchy tree. 

[0034] Furthermore, in one embodiment of the information record approach of this 
invention, the hierarchy tree configuration key stored in said validation key block 
(EKB) is characterized by being a key acquirable [ with decode processing of said 
validation key block (EKB) by said device node key (DNK) ]. 

[0035] In one embodiment of the information record approach of this invention, 
furthermore, the hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information record 



approach Furthermore, the. updated hierarchy tree configuration key which was stored 
in the vaUdation key block (EKB) which enciphered the high order key of said hierarchy 
tree by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least It is characterized by including the step which performs processing acquired by 
decode processing of said validation key block (EKB) by said device node key (DNK). 
[0036] Furthermore, in one embodiment of the information record approach of this 
invention, said information record approach is characterized by having further the step 
which generates the cryptographic key (Kcon) to the characteristic value of said 
information recording device based on a random number. 

[0037] Furthermore, the storage means which stored the device node key (DNK) to 
which the 4th side face of this invention becomes each node which constitutes the 
hierarchy tree structure which used as the leaf the information regenerative apparatus 
with which plurality differs from the node key of a proper, and a leaf key peculiar to 
each information ******, In the information playback approach of performing 
regeneration of the storing data stored in said record medium in the information 
regenerative apparatus which has a cipher-processing means to perform decode 
processing of the storing data of a record medium The validation key block (EKB) which 
enciphered the high order key of said hierarchy tree stored in said record medium by a 
low order hierarchy's node key or the key of a leaf key which contains either at least is 
decoded using said device node key (DNK). The step which acquires the hierarchy tree 
configuration key stored in this validation key block (EKB), The step which acquires a 
cryptographic key (Kcon) by decode processing of the cryptographic key data enciphered 
using said hierarchy tree configuration key stored in said record medium. Cipher 
processing which appUed said cryptographic key (Kcon) is performed to characteristic 
value of an information regenerative apparatus own [ said ]. Storing encryption data 
generate the decode key (Kst) applied to said storing data, and according to this decode 
key (Kst): Be in the information playback approach characterized by having the step 
which performs decode processing of Enc (Kst, DATA). 

[0038] Furthermore, in one embodiment of the information playback approach of this 
invention, characteristic value of said information regenerative apparatus is 
characterized [ at this information regenerative apparatus ] by being discernment data 
of a proper the telephone number or the information regenerative apparatus of a proper. 
[0039] Furthermore, in one embodiment of the information playback approach of this 
invention, said record medium is characterized by being a removable removable record 
medium to said information regenerative apparatus. 

[0040] Furthermore, in one embodiment of the information playback approach of this 



invention, the hierarchy tree configuration key stored in said vaUdation key block 
(EKB) is characterized by being root key-Kroot set up to the root which is the 
top -most- vertices node of this hierarchy tree. 

[0041] In one embodiment of the information playback approach of this invention, 
furthermore, the hierarchy tree configuration key stored in said validation key block 
(EKB) It is constituted as a key which can be updated. Said information playback 
approach Furthermore, the updated hierarchy tree configuration key which was stored 
in the validation key block (EKB) which enciphered the high order key of said hierarchy 
tree by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least It is characterized by including the step acquired by decode processing of said 
validation key block (EKB) by said device node key (DNK). 

[0042] Furthermore, the storage means which stored the device node key (DNK) to 
which the 5th side face of this invention becomes each node which constitutes the 
hierarchy tree structure which used as the leaf the information recording device with 
which plurality differs firom the node key of a proper, and the leaf key of each 
information recording device proper. It is the program which makes the information 
record processing to said record medium in the information recording device which has 
a cipher-processing means to perform cipher processing of the storing data to a record 
medium perform on computer system. Said program performs cipher processing which 
applied the cryptographic key (Kcon) to the characteristic value of the specific data 
regenerative apparatus which reproduces the storing data of said record medium. The 
step which generates the cryptographic key (Kst) applied to said storing data, the 
storing data encryption processing by said cryptographic key (Kst) - encryption data« " 
with the step which generates Enc (Kst, DATA) The cryptographic key (Kcon) applied to 
cipher processing of said characteristic value The step which generates the 
cryptographic key data enciphered using the hierarchy tree configuration key stored in 
the validation key block (EKB) which enciphered the high order key of said hierarchy 
tree by a low order hierarchy's node key, or the key of a leaf key which contains either at 
least, and said encryption data, It is in the program characterized by having the step 
which stores the data file containing said cryptographic key data, and said validation 
key block (EKB) in said record medium. 

[0043] Furthermore, the storage means which stored the device node key (DNK) to 
which the 6th side face of this invention becomes each node which constitutes the 
hierarchy tree structure which used as the leaf the information regenerative apparatus 
with which plurality differs from the node key of a proper, and a leaf key peculiar to 
each information ******, It can set to the information regenerative apparatus which has 



a cipher-processing means to perform decode processing of the storing data of a record 
medium. It is the program which makes regeneration of the storing data stored in said 
record medium perform on computer system. Said program The validation key block 
(EKB) which enciphered the high order key of said hierarchy tree stored in said record 
medium by a low order hierarchy's node key or the key of a leaf key which contains 
either at least is decoded using said device node key (DNK). The step which acquires the 
hierarchy tree configuration key stored in this validation key block (EKB), The step 
which acquires a cryptographic key (Kcon) by decode processing of the cryptographic 
key data enciphered using said hierarchy tree configuration key stored in said record 
medium, Cipher processing which applied said cryptographic key (Kcon) is performed to 
characteristic value of an information regenerative apparatus own [ said ]. Storing 
encryption data generate the decode key (Kst) applied to said storing data, and 
according to this decode key (Kst)- Be in the program characterized by having the step 
which performs decode processing of Enc (Kst, DATA). 

[0044] In addition, the program of this invention is stored in storages, such as the 
medium ofGered in a computer-readable format, for example, CD, and FD, MO, to the 
general purpose computer system which can perform various program codes, for 
example, and is a program [ provide / it / and ] which can be offered with transmission 
media, such as a network, etc. 

[0045] Such a program can demonstrate the collaboration-operation on a system and 
can acquire the same operation effectiveness as other side faces of this invention while 
it prescribes activation of the various functions which a system has based on reading of 
a program under processor control. 

[0046] The object, the description, and advantage of further others of this invention wiU 
become [ rather than ] clear by detailed explanation based on the example and the 
drawing to attach of this invention mentioned later. In addition, in this invention, a 
system is the logical set configuration of two or more equipments, and it does not 
restrict to what has equipment of each configuration in the same case. 
[0047] 

[Embodiment of the Invention] The example of a contents distribution system in which 
the application of the data processing system of this invention to [system outline] 
drawing 1 is possible is shown. The contents distribution means 10 transmits various 
contents, such as music, an image, a game, and a program, as encryption data or 
plaintext (un-enciphering) data to the data-processing means 20. With the 
data-processing means 20, the contents which received are decoded if needed, and 
playback of image data and voice data or various programs are performed, and 



processing of storing in an internal memory and removable memory is performed. The 
data exchange between the distribution means 10 of contents and the data-processing 
means 20 is performed through a memory card, DVD and CD, and other storages 
through networks, such as the telephone line and the Internet. 

[0048] As a contents distribution means 10, there is contents distribution terminal 14 
grade which the Internet 11, satellite broadcasting service 12, the telephone line 13, a 
service provider, etc. installed in the station or the store," in the case of the contents 
purchase from the contents distribution terminal 14, the removable storage devices 15, 
such as a memory card, are set to the contents distribution terminal 14, and contents 
are stored. In addition, in the system of this invention, processing including the 
encryption processing which gives detail explanation in the latter part in the case of this 
data migration is performed. 

[0049] As a device of the data -processing means 20, there are record regenerators, such 
as the pocket devices 23, such as a personal computer (PC) 21, the portable device (PD) 
22, a cellular phone, and PDA (Personal Digital Assistants), DVD, and a CD player, the 
game terminal 24, and record regenerative-apparatus 25 grade. Each device of these 
data-processing means 20 can acquire the contents offered from the contents 
distribution means 10 from means of communications, other data-processing means, or 
the data storage means 30, such as a network. 

[0050] The memory card (as an example, it is a memory stick (Memory Stick: 
trademark)) as DVD and CD equipped with storage means, such as a flash memory, and 
a storage means to have a code processing facility etc. is contained in the data storage 
means 30. 

[0051] Each of the data -processing means 20 can store the purchased contents data in 
removable storage means, such as an internal memory or a memory card. 
[0052] In case contents are outputted and stored in the removable storage means 30 
from the internal memory of the data-processing means 20 in the system of this 
invention, and in case the contents stored in the internal memory of the contents 
distribution terminal 14 at the time of contents purchase are stored in a removable 
storage device, processing including encryption processing of the contents explained to a 
detail in the latter part is performed, and the processing made refreshable only in a just 
purchaser's device is made. 

[0053] The example of migration processing of typical contents data is shown in drawing 
2 . The system shown in drawing 2 is drawing explaining possibility that the contents 
which showed the contents normal purchase terminal 50 and the contents non-normal 
purchase terminal 60 which is not performing the normal purchase of contents, and 



were purchased with the contents normal purchase terminal 50 will be used with the 
contents non-normal purchase terminal 60 through the removable storage devices 52, 
such as a memory card (for example, memory stick (Memory Stick* trademark)) which 
built in rewritable semiconductor memory, such as a flash memory. 

[0054] Through networks, such as the Internet, and the telephone line, the contents 
normal purchase terminal 50 can set a removable storage device 51 to the contents 
distribution terminal 40, and can purchase contents through processing of storing 
contents, such as audio data, image data, and a program. These contents are charged 
contents with which the user who paid the countervalue is provided, or the contents 
offered for [ specific ] registered users are contained. In storing ** and contents data, the 
contents normal purchase terminal 50 performs authentication processing, accounting, 
etc. between the host computers of a service provider if needed. 

[0055] The processing which stores in an internal memory the contents purchased in a 
regular procedure, and is reproduced is possible for the contents normal purchase 
terminal 50. Moreover, the processing which stores purchase contents in a removable 
storage device 52 is also possible, and it is possible to set this to the contents 
non-normal purchase terminal 60. Moreover, it is also possible to set to the direct 
contents non-normal purchase terminal 60 the removable storage device 51 to which the 
contents normal purchase terminal 50 set to the contents distribution terminal 40, and 
purchased contents. 

[0056] In the system of this invention, the contents playback from the removable 
storage device 52 set to these contents non-normal purchase terminals 60 or a 
removable storage device 51 is eliminated, and the processing made refi-eshable only in 
the contents normal purchase terminal 50 is made. 

[0057] In the case of storing of the contents data fi-om the contents normal purchase 
terminal 50 over the removable storage devices 51 and 52 shown in drawing 2 , or a 
contents distribution terminal, encryption processing of contents is performed and the 
processing which enables decode processing of encryption contents only in the contents 
normal purchase terminal 50 is made. Hereafter, the detail of these processings is 
explained. 

[0058] [the tree(Thurs.) structure as a key distribution configuration] " the hierarchy 
tree configuration which offers the configuration which distributes a cipher-processing 
key with various contents key cryptographic keys for enciphering the cryptographic key 
applied to cipher processing to the above contents, for example, the contents key applied 
to cipher processing of contents, and a contents key etc. to the device which has a just 
license in insurance is explained below using drawing 3 . 



[0059] The numbers 0*15 shown in the bottom of drawing 3 are each devices which 
constitute a data-processing means 20 to perform playback of contents data, and 
activation, for example, a contents (music data) regenerative apparatus. That is, each 
leaf (leaf leafi of the hierarchy tree(Thurs.) structure shown in drawing 3 is equivalent 
to each device, 

[0060] Each devices 0-15 store in memory the key set which consists of a key (node key) 
assigned to the node until it reaches [ from its" own leaf in the time of manufacture or 
shipment, or the hierarchy tree(Thurs.) structure which sets after that and is shown in 
drawing 3 ] the root, and a leaf key of each leaf. These key set is caUed a device node key 
(DNK). KOOOO Kllll which are shown in the bottom of drawing 3 are the leaf key 
assigned to each devices 0-15, respectively, and let key-Kroot-Klll indicated by the 2nd 
knot (node) from the bottom be a node key from Kroot (root key) of the maximum upper 
case. 

[0061] In the tree configuration shown in drawing 3 , a device 0 owns the leaf key KOOOO, 
and node key^KOOO, KOO and KO and Kroot as a device node key (DNK). A device 5 owns 
KOlOl, KOlO, KOI, KO, and Kroot as a device node key (DNK). A device 15 owns Kllll, 
Kill, Kll, Kl, and Kroot as a device node key (DNK). In addition, although shown as a 
bilateral symmetry configuration in which 16 devices of 0-15 were indicated by the tree 
of drawing 3 , and the tree structure was also able to take balance of a four- step 
configuration, it is possible to have a number-of-stages configuration which much more 
devices are constituted in a tree, and is different in each part of a tree. 
[0062] Moreover, the available device is contained in the store various type [, such as a 
memory card which used the flash memory constituted by various record media, for 
example, a device embedding mold or the device free / attachment and detachment / for 
each device contained in the tree structure of drawing 3 , and DVD, CD, MD, ]. 
Furthermore, various apphcation services can live together. The hierarchy tree 
structure which is the contents or the key distribution configuration shown in drawing 3 
after that such a different device and difierent application constitute [ coexistence ] is 
applied. 

[0063] In the system by which these various devices and application live together, the 
part 0, 1, 2, and 3 enclosed with the dotted line of drawing 3 , i.e., devices, is set up as 
one group using the same record medium. For example, to the device contained in the 
group enclosed with this dotted line, it collects, common contents are enciphered, and 
processing in which send the contents key which sends from a provider or is used [ each 
device ], or encipher to a provider or a settlement-of-accounts engine too, and the 
payment data of a contents tariff are outputted to him from each device is performed. 



Engines which perform data transmission and reception with each device, such as a 
content provider or a settlement-of-accounts processing engine, perform the part 
enclosed with the dotted line of drawing 3 , i.e., the processing which bundles up devices 
0, 1,2, and 3 as one group, and sends data. Two or more such groups exist in the tree of 
drawing 3 . Engines which perform data transmission and reception with each device, 
such as a content provider or a settlement"of-accounts processing engine, function as a 
message data distribution means. 

[0064] In addition, a node key and a leaf key are good also as a configuration managed 
for every group with message data distribution means, such as a provider who may 
generalize and manage with one certain key management center, and performs various 
data transmission and reception to each group, and a settlement-of-accounts engine. As 
for these node keys and a leaif key, in leakage of a key etc., an update process is 
performed, and a key management center, a provider, a settlement-of-accounts engine, 
etc. perform this update process. 

[0065] In this tree structure, three devices 0, 1, 2, and 3 contained in one group hold the 
keys KOO and KO common as a node key, and Kroot so that clearly firom drawing 3 , By 
using this node key share configuration, it becomes possible to provide only devices 0, 1, 
2, and 3 with a common contents key. For example, if node key KOO the very thing held 
in common is set up as a contents key, setting out of a contents key common only to 
devices 0, 1, 2, and 3 is possible, without performing new key sending. Moreover, if the 
value Enc (KOO, Kcon) which enciphered the new contents key Kcon by the node key 
KOO is stored in a record medium through a network and distributed to devices 0, 1, 2, 
and 3 Only devices 0, 1, 2, and 3 become possible [ solving Code Enc (KOO Kcon) using 
the share node key KOO held in each device, and obtaining contents key«Kcon ]. In 
addition, it is shown that Enc (Ka, Kb) is data which enciphered Kb by Ka. 
[0066] Moreover, the key which a device 3 owns in t at a certain event: When it is 
revealed that KOOll, KOOl, KOO, KO, and Kroot were analyzed by the aggressor (hacker), 
and it was exposed of Kroot, in order to protect the data transmitted and received by the 
system (group of devices 0, 1, 2, and 3) after it, it is necessary to separate a device 3 
fi-om a system. For that purpose, a node key: It is necessary to update KOOl, KOO, KO, 
and Kroot to respectively new key K (t)001 and K (t)00 and K (t)0 and K(t) root, and to 
tell the updating key to devices 0, 1, and 2. Here, it is shown that K(t) aaa is the 
updating key of generation (Generation) :t of Key Kaaa. 

[0067] Distribution processing of an updating key is explained. Renewal of a key is 
performed by storing the block data called the vahdation key block (EKB^Enabling Key 
Block) shown in drawing 4 (A) in a record medium through a network, and supplying it 



to each device. A validation key block (EKB) is constituted by the data which enciphered 
the updating key. A vaHdation key block (EKB) may be called the renewal block of a key 
(KRB:Key Renewal Block). 

[0068] The validation key block (EKB) shown in drawing 4 is EKB which has the data 
configuration which can be decoded using the device node key (DNK) of the processing 
possibility of, i.e., self, only in the required device of renewal of a node key. In the 
devices 0, 1, and 2 in the tree structure shown in drawing 3 , the example of drawing 4 is 
the block data formed for the purpose of distributing Generation's t updating node key, 
and has the data configuration which can be decoded using each device node key (DNK) 
which devices 0, 1, and 2 have. K (t)00 and K (t)0 and K(t) root are acquired by decode 
processing of a validation key block (EKB) as an updating node key, and, as for a device 
0 and a device 1, K (t)001 and K (t)00 and K (t)0 and K(t) root are acquired as an 
updating node key, as for a device 2. 

[0069] For example, as shown in EKB of drawing 4 (A), two or more cryptographic keys 
are contained in EKB, The cryptographic key of the bottom is Enc (KOOlO, K(t)00l). this 
a device - two - having - a leaf - a key - K - 0010 - enciphering - having had - 
updating - a node - a key " K - ( - 1 ••) - 001 it is - a device " two - self" having - a 
leaf" a key " this cryptographic key " decoding " K " 001 can be obtained, moreover, K 
obtained by decode " 001 " using " decode of the 2nd step of cryptographic key Enc (K 
(t)001 and K (t) " 00) is possible from under drawing 4 (A) " becoming " the updating 
node key K " 00 can be obtained, the following - one by one - the 2nd step from 
drawing 4 (A) of cryptographic key Enc (K (t)00 and K (t) " O) " decoding " the updating 
node key K - the 1st step of cryptographic key Enc (K (t)0, K(t) root) is decoded from on 
0 and drawing 4 (A), and K(t) root is obtained. On the other hand, it is not contained in 
the object for which device KOOOO.KOOOl update the node key KOOO, but the things 
which are need as an updating node key are K (t)00 and K (t)0 and K(t) root. Device 
KOOOO.KOOOl decode the 3rd step of cryptographic key Enc (KOOO, K(t)00) from on 
drawing 4 (A), and acquire K(t)00. the 2nd step firom the following and drawing 4 (A) of 
cryptographic key Enc (K (t)00 and K (t) - 0) - decoding " the updating node key K - 
the 1st step of cryptographic key Enc (K (t)0, K(t) root) is decoded from on 0 and 
drawing 4 (A), and K(t) root is obtained. Thus, devices 0, 1, and 2 can obtain updated 
key K (t)001 and K (t)00 and K (t)0 and K(t) root. In addition, the index of drawing 4 (A) 
shows the absolute address of the node key used as a decode key, and a leaf key. 
[0070] The node key of the high order stage of a tree structure shown in drawing 3 ' It is 
unnecessary, and renewal of K (t)0 and K(t) root can distribute updating node key 
K(t)00 to devices 0, 1, and 2 by using the validation key block (EKB) of drawing 4 (B), 



when only the node key KOO needs to be updated. 

[0071] EKB shown in drawing 4 (B) is available when distributing the new contents key 
shared in a specific group. As an example, the record medium with the devices 0, 1, 2, 
and 3 in the group who shows by the dotted line is used for drawing 3 , and new common 
contents key K(t) con presupposes that it is required, this the time a device " zero - 
one two " three -- being common " a node a key •* K 00 •* having updated " K - (- 
t --) 00 using - being new - being common -* updating - contents " a key " ' - K " 
(•• t ") - con " having enciphered - data " Enc (K (t) GO K(t) con) - drawing 4 - (- B -) 
being shown - EKB " distributing . By this distribution, it becomes possible for a 
device 4 etc. to distribute as data which are not decoded in other groups' device, 
[0072] namely, - a device - zero - one - two " EKB - processing " having obtained - K 
" (" t ") " 00 - using " the above " a cipher - decoding - if" t - an event - contents " 
a key - K - (" t ") " con obtaining things - possible - becoming . 
[0073] Processing of the device 0 which received EKB shown in the data Enc (K (t) 00 
K(t) con) which enciphered new common contents key K(t) con to [distribution of 
contents key which used EKB] drawing 5 , using K(t)00 as an example of processing 
which obtains contents key K(t) con in t event, and drawing 4 (B) through the record 
medium is shown. That is, it is the example which set the encrj^tion message data 
based on EKB to contents key K(t) con. 

[0074] As shown in drawing 5 , a device 0 generates node key K(t)00 by same EKB 
processing with having mentioned above using the node key KOOO which EKB and the 
them at the generation ^t event stored in the record medium store beforehand. 
Furthermore, updating contents key K(t) con is decoded using updating node key K(t)00 
decoded, and in order to use it behind, it enciphers and stores by the leaf key KOOOO 
which he has. 

[0075] The example of a format of a validation key block (EKB) is shown in [format of 
EKB] drawing 6 . A version 601 is an identifier which shows the version of a validation 
key block (EKB). In addition, a version has the function which shows the response 
relation of the function and contents which identify the newest EKB. A depth shows the 
number of hierarchies of the hierarchy tree to the device of the distribution place of a 
validation key block (EKB). A data pointer 603 is a pointer in which the location of the 
data division in a validation key block (EKB) is shown, and the tag pointer 604 is a 
pointer which the location of the tag section and the signature pointer 605 show the 
location of a signature. 

[0076] Data division 606 store the data which enciphered the node key updated, for 
example. For example, each crj^tographic key about the updated node key as shown in 



drawing 5 etc. is stored. 

[0077] The tag section 607 is a tag in which the physical relationship of the enciphered 
node key which was stored in data division and a leaf key is shown. The grant rule of 
this tag is explained using drawing 7 . Drawing 7 shows the example which sends the 
validation key block (EKB) previously explained by drawing 4 (A) as data. The data at 
this time come to be shown in the table (b) of drawing 7 . Let the address of the top node 
contained iri the crj^tographic key at thiis time be a top node address. In this case, since 
updating key K(t) root of a root key is contained, a top node address serves as Kroot. The 
data Enc (K (t)0, K(t) root) at this time, for example, the maximum upper case, are in 
the location shown in the hierarchy tree shown in (a) of drawing 7 . here, the following 
data are Enc (K (t)00 and K (t) O), and are in the location at the lower left of front data 
on a tree. A tag is set up, and 1 is set up when there are data, and there is nothing, 0 
and. A tag is set up as {a left (L) tag and a right (R) tag}. Since there are data in the left 
of the data Enc (K (t)0, K(t) root) of the maximum upper case and there are no data in L 
tag =0 and the right, it is set to R tag =1. Hereafter, a tag is set as all data and the data 
stream shown in drawing 7 (c) and a tag train are constituted. 

[0078] A tag is set up in order to show where [ of a tree structure ] Data Enc (Kxxx, 
Kyyy) are located, the key data Enc (Kxxx, Kyyy) stored in data division - since ... is 
only enumeration data of the key enciphered simply, it enables distinction of the 
location on the tree of the cryptographic key stored as data with the tag mentioned 
above. The node index to which encryption data were made to correspond like a 
configuration of that previous drawing 4 explained is used, without using the tag 
mentioned above, for example, it is 0-Enc (K (t)0, K(t) root). 
00:Enc(K(t)00,K(t)0 
000:Enc(K((t)000,K(T)00) 

** " although considering as a data configuration [ like ] is also possible, in the 
distribution which it will become redundant data and the amount of data will increase if 
it is a configuration using such an index, and minds a network, it is not desirable. On 
the other hand, distinction of a key position is attained by the small amount of data by 
using the tag mentioned above as index data in which a key position is shown. 
[0079] It returns to drawing 6 and an EKB format is explained further. A signature 
(Signature) is electronic signature which published the validation key block (EKB) and 
which a key management center, contents ROBAIDA, a settlement-ofaccounts engine, 
etc. perform, for example. It checks that the device which received EKB is the vaUdation 
key block (EKB) which the just validation key block (EKB) publisher published by 



signature verification. 

[0080] Although the [distribution of contents key and contents which used EKB] 
above-mentioned example explained the example which sends only a contents key with 
EKB, the configuration which sends collectively the contents enciphered by the contents 
key, the contents key enciphered by the contents key code key, and the contents key code 
key enciphered by EKB is explained below. 

[0081] This data configuration is shown in drawing 8 . In the configuration shown in 
drawing 8 (a) Enc (Kcon, content)801 It is data which enciphered contents (Content) by 
the contents key (Kcon). Enc (KEK, Kcon)802 It is data which enciphered the contents 
key (Kcon) by the contents key code key (KEK:Key Encryption Key). Enc (EKB, 
KEK)803 It is shown that it is data which enciphered the contents key code key KEK by 
the validation key block (EKB). 

[0082] Here, the contents key code key KEK may be the node key (KOOO, KOO -) shown 
by drawing 3 , or the root key (Kroot) itself, and may be a key enciphiered by the node 
key (KOOO, KOO -) or the root key (Kroot). 

[0083] Drawing 8 (b) can be considered as the configuration which adds the data in 
which the Unk place linked to Enc (EKB, KEK) is shown to each data in such a 
configuration that two or more contents are recorded on media, and shows the example 
of a configuration in the case of using Enc (EKB, KEK)805 with the same each, without 
adding the same Enc (EKB, KEK) as each data. 

[0084] drawing 9 contents - a key - a code - a key - KEK - drawing 3 being shown 
a node - a key K " 00 " having updated - updating a node " a key " K (- t ■*) " 
00 - ****** - having constituted a case - an example - being shown . In this case, 
noting that RIBOKU (abatement) of the device 3 is carried out by leakage of a key in the 
group enclosed with the dotted-line firame of drawing 3 Other groups' member, i.e., (a) 
validation key block shown in drawing 9 to devices 0, 1, and 2, (EKB) (b) Data which 
enciphered the contents key (Kcon) by the contents key code key (KEK=K00 (t)), (c) By 
distributing the data which enciphered contents (content) by the contents key (Kcon), 
devices 0, 1, and 2 can obtain contents. 

[0085] The decode procedure in a device 0 is shown in the right-hand side of drawing 9 . 
A device 0 acquires a contents key code key (KEK=KOO (t)) fi-om the received validation 
key block first by decode processing using the leaf key KOOO which self holds. Next, the 
contents key Kcon is acquired by the decode by K(t)00, and contents are fiirther decoded 
by the contents key Kcon. By these processings, a device 0 becomes available about 
contents. By processing EKB with respectively different procedure also in devices 1 and 
2, it becomes possible to acquire a contents key code key (KEK=K00 (t)), and it becomes 



possible to use contents similarly. 

[0086] Using the set of the leaf key which self holds, and a node key, i.e., a device node 
key, (DNK), even if other groups' devices 4 and 5 shown in drawing 3 and 6 ** receive 
this same data (EKB), they cannot acquire a contents key code key (KEK=KOO (t)). Also 
in the device [ RIBOKU / device / similarly ] 3, a contents key code key (KEK=KOO (t)) 
cannot be acquired, but only the device which has just access becomes possible 
[ decoding and using contents ] by the set of the leaf key which self holds, and a node key, 
i.e., a device node key, (DNK). 

[0087] Thus, if delivery of the contents key using EKB is used, it will become possible to 
distribute the encryption contents whose decode lessened the amount of data and only 
the just rightful claimant enabled at insurance. 

[0088] In addition, although a validation key block (EKB), a contents key, encryption 
contents, etc. are the configurations which can be distributed to insurance through a 
network, it is also possible to store a validation key block (EKB), a contents key, and 
encryption contents in record media, such as DVD and CD, and to provide for a user. In 
this case, if it constitutes so that the contents key obtained by decode of the validation 
key block (EKB) stored in the same record medium may be used for decode of the 
encryption contents stored in the record medium, available distribution processing of 
encrj^tion contents, i.e., the contents distribution which limited the available user 
device, will become realizable with a simple configuration only by the leaf key which 
only a just rightful claimant holds beforehand, and the node key. 

[0089] The example of a configuration which stored the validation key block (EKB) in 
the record medium with encryption contents at drawing 10 is shown. In the example 
shown in drawing 10 , contents C1-C4 are stored in a record medium, the data which 
matched the corresponding [ to each storing contents ]-fiirtHer validation key block 
(EKB) are stored, and the validation key block (EKB_M) of Version M is stored further. 
For example, it is used for EKB_1 generating the contents key Kconl which enciphered 
contents Cl, for example, EKB_2 are used for generating the contents key Kcon2 which 
enciphered contents C2. In this example, the validation key block (EKB_M) of Version 
M is stored in the record medium, and since contents C3 and C4 are matched with the 
validation key block (EKB_M), they can acquire the contents key of contents C3 and C4 
by decode of a validation key block (EKB_M). Since EKB_1 and EKB_2 are not stored in 
the disk, it is necessary to acquire EKB_1 [ required in order to decode each contents 
key by the new offer means, for example network distribution, or distribution by the 
record medium ], and EKB_2. 

[0090] As [categorization of hierarchy tree structure] **** was carried out, it is possible 



to encipher and distribute not only the contents key applied to contents encryption but 
the authentication key applied to mutual recognition processing, the ICV (Integrity 
Check Value) generation key applied as an alteration check yalue generation key of 
commo data or a program code, data, etc. with a validation key block (EKB) by applying 
the hierarchy tree structure of drawing 3 which consists of a root key, a node key, and a 
leaf key. Furthermore, the configuration which classifies the hierarchy tree structure 
which "defines the node key etc/for every category of each device, and performs efficient 
key update process, cryptographic key distribution, and data distribution is explained 
below. 

[0091] An example of the classification of the category of a hierarchy tree structure to 
drawing 11 is shown. In drawing 11 , the root key Kroot and 1101 are set to the 
maximum upper case of a hierarchy tree structure, the node key 1102 is set to the 
following intermediate stages, and the leaf key 1103 is set to the bottom. Each device 
holds each leaf key, and a series of node keys and root key firom a leaf key to a root key. 
[0092] Here, the existing node of the Mth step is set up as a category node 1104 from the 
maximum upper case as an example. That is, let each of the node of the Mth step be the 
device setting-out node of a specific category. Let M+1 or less step of node, and a leaf 
hereafter be the node and leaf about the device contained in the category by making one 
node of the Mth step into top-most vertices. 

[0093] For example, a category [memorandum RISUTEIIKU (trademark)] is set to one 
node 1105 of the Mth step of drawing 11 , and the node which stands in a row below in 
this node, and a leaf are set up as the node or leaf containing various devices which used 
memorandum RISUTEIIKU only for categories. That is, 1105 or less node is defined as 
the related node of the device defined as the category of a memory stick, and a set of a 
leaf. 

[0094] Furthermore, a low-ranking stage can be set up as a subcategory node 1106 by 
several steps bom M steps. For example, the node of [the vessel only for playbacks] is 
set up as a subcategory nodje contained in the category of the device which used the 
memory stick for the node under two steps of the category [memory stick] node 1105 as 
shown in drawing, furthermore " sub " a category - a node " it is " playback - 
dedication - a vessel " a node - 1106 - less than playback - dedication - a vessel - a 
category - containing - having - music - a regenerative function - with - a telephone 
" a node " 1107 - setting up - having - further " the - low order - music • a 
regenerative function " with - a telephone - a category - containing " having - [-- PHS 
"] - a node - 1108 [ - a cellular phone -] - a node " 1109 - it can set up . The device 
corresponding to the leaf connected to the low order of the [PHS] node 1108 and the 



[cellular-phone] node 1109 is usable PHS or a cellular phone about a memory stick. 
[0095] Furthermore, a category and a subcategory can be set up in units (these are 
generically called an entity hereafter) of arbitration, such as not only the class of device 
but the node which a certain manufacturer, a content provider, a settlement"of-accounts 
engine, etc. manage uniquely, for example, i.e., a batch, a jurisdiction unit, or an offer 
service unit. For example, if it sets up as a top-most-vertices node only for game device 
XYZ(s) to which a game equipment manufacturer sells one category node To the game 
device XYZ which a manufacturer sells, the node key of the lower berth below the 
top-most-vertices node, It becomes possible to store and sell a leaf key. Distribution of 
after that and encryption contents. Or the validation key block (EKB) constituted by the 
node key below the top -most- vertices node key and the leaf key in distribution of various 
keys and an update process is generated and distributed, and distribution of available 
data is attained only to the device below a top -most-vertices node. 

[0096] Thus, by making one node into top-most vertices, carrying out it, and considering 
as the configuration which sets up the following nodes as a related node of the category 
defined as the top-most-vertices node, or a subcategory The validation key block (EK[B) 
to which the manufacturer who manages one top -most- vertices node of a category stage 
or a subcategory stage, a content provider, etc. make the node top-most vertices is 
generated uniquely. The configuration distributed to the device belonging to below a 
top -most' vertices node is attained, and renewal of a key can be performed, without 
affecting at all the device belonging to the node of other categories which do not belong 
to a top -most- vertices node. 

[0097] [" simple - key distribution configuration] by EKB " for example, when [ which 
was explained previously ] sending a key, for example, a contents key, to a 
predetermined device (leaO in the tree configuration of drawing 3 , the validation key 
block (EKB) which can be decoded is generated and offered using the leaf key and node 
key which the key distribution place device owns. For example, in the tree configuration 
shown in drawing 12 (a), when transmitting a key, for example, a contents key, to the 
devices a, g, and j which constitute a leaf, the validation key block (EKB) which can be 
decoded is generated and distributed in each node of a, g, and j. 

[0098] For example, encryption processing of the contents key K(t) con is carried out by 
updating root key K(t) root, and the case where it distributes with EKB is considered. In 
this case, using the leaf and node key which each shows to drawing 12 (b), processing of 
EKB is performed, decode processing of contents key K(t) con is performed by updating 
root key K(t) root which acquired and acquired K(t) root, and, as for Devices a, g, and j, a 
contents key is obtained. 



[0099] In this case, the configuration of the validation key block (EKB) offered comes to 
be shown in drawing 13 . The validation key block (EKB) shown in drawing 13 is 
constituted according to a format of the validation key block (EKB) explained by 
previous drawing 6 , and has data (cryptographic key) and a corresponding tag. if a tag 
has data in the left (L), the right (R), and each direction as previously explained using 
drawing 7 0 1 is shown if there is nothing. 

[OlOO] Based on the cryptographic key and tag of a validation "key" block (EKB), the 
device which received the validation key block (EKB) performs decode processing of a 
cryptographic key one by one, and acquires the updating key of a host node. As shown in 
drawing 13 , the validation key block (EKB) increases the amount of data, so that there 
are many number of stageses (depth) firom the root to a leaf. A number of stages (depth) 
increases according to the number of devices (leafi, and when there are many devices 
used as the distribution place of a key, the amount of data of EKB will increase further. 
[0101] The configuration which enabled the cutback of the amount of data of such a 
validation key block (EKB) is explained. Drawing 14 shows the example which 
simphfied and constituted the validation key block (EKB) according to the key 
distribution device. 

[0102] The case where a key, for example, a contents key^ is transmitted like drawing 13 
to the devices a, g, and j which constitute a leaf is assumed. As shown in (a) of drawing 
14 , the tree constituted only by the key distribution device is built. In this case, based 
on the configuration shown in drawing 12 (b), the tree configuration of drawing 14 (b) is 
built as a new tree configuration. That Kj does not have branching from Kroot and only 
one branch should exist, in order to result [ from Kroot ] in Ka and Kg, the tree of 
drawing 14 (a) of the dichotomy configuration only fi-om only constituting the branch 
point in KO is built. 

[0103] As shown in drawing 14 (a), the simplified tree which has only KO as a node is 
generated. The validation key block (EKB) for updating key distribution is generated 
based on these simple trees. The tree shown in drawing 14 (a) is a reconstruction 
hierarchy tree reconstructed by choosing the pass which constitutes the dichotomy mold 
tree which made the bottom the end node or leaf which can decode a validation key 
block (EKB), and omitting an unnecessary node. The validation key block (EKB) for 
updating key distribution is constituted only based on the key corresponding to the node 
or leaf of this reconstruction hierarchy tree. 

[0104] Although the data which enciphered all the keys until the validation key block 
(EKB) explained by previous drawing 13 results [ from each leaves a, g, and j ] in Kroot 
were stored. Simplification EKB stores the encryption data only about the node which 



constitutes the simplified ; tree. As shown in drawing 14 (b), a tag has a triplet 
configuration, if it has the 1st and the 2nd bit of the example of drawing 13 and the 
same semantics and there are data in the left (L), the right (R), and each direction - 0 " 
1 is shown if there is nothing. The 3rd bit is a bit to show whether the cryptographic key 
is stored in EKB, and when data are stored and there are not 1 and data, it is set up as 0. 
[0105] As the validation key block (EKB) with which is stored in a data communication 
network or a storage, and a device (lea£) is provided was shown in drawing 14 (b), as 
compared with the configuration shown in drawing 13 , the amount of data was reduced 
substantially. Each device which received the validation key block (EKB) shown in 
drawing 14 can realize decode of a predetermined crjrptographic key by carrying out the 
sequential decode only of the data of a part with which 1 was stored in the 3rd bit of a 
tag. For example. Device a decodes the encryption data Enc (Ka, K(t)0) by the leaf key 
Ka, acquires node key K(t)0, by node key K(t)0, decodes the encryption data Enc (K (t)0, 
K(t) root), and acquires K(t) root. Device j decodes the encryption data Enc (Kj and K(t) 
root) by the leaf key Kj, and acquires K(t) root. 

[0106] Thus, by generating a validation key block (EKB) only using the key of the leaf 
which builds the simplified new tree configuration which is constituted only by the 
device of a distribution place, and constitutes the built tree, and a node, it becomes 
possible to generate the validation key block (EKB) of the small amount of data, and 
activation of data distribution of a validation key block (EKB) is attained efficiently. 
[0107] In addition, the simplified hierarchy tree configuration is effectively utilizable 
especially in the EKB management configuration of the entity unit explained in the 
latter part. Entities are two or more nodes chosen from the node or leaf which 
constitutes the tree configuration as a key distribution configuration, or the aggregate 
block of a leaf. An entity is a set set up according to the class of device, or is set up as a 
set of various modes, such as batches with a certain common feature, such as 
management units, such as a device offer manufacturer, a content provider, and a 
settlement-of-accounts engine, a jurisdiction unit, or an offer service unit. The devices 
classified into a certain common category have gathered for one entity, for example, the 
generation of the simplified validation key block (EKB) which can be decoded, and 
distribution are attained in the device belonging to the selected entity by reconstructing 
the simplified same tree with having mentioned above by the top-most-vertices node 
(subroot) of two or more entities, and generating EKB. The latter part explains the 
management configuration of an entity unit to a detail. 

[0108] In addition, such a validation key block (EKB) can be considered as the 
configuration stored in information record media, such as an optical disk and DVD. For 



example, the configuration which provides each device with the information record 
medium which stored further message data, such as contents enciphered by the 
updating node key, in the vaHdation key block (EKB) containing the data division 
constituted with above-mentioned cryptographic key data and the tag section as 
identification-of-position data in a cryptographic key data -hierarchy tree structure is 
possible. According to the discernment data of the tag section, a device carries out a 
"sequential extract, and decodes the cryptographic key data contained in a vahdation 
key block (EKB), and it becomes possible to acquire a key required for decode of contents 
and to use contents. Of course, it is good also as a configuration which distributes a 
validation key block (EKB) through networks, such as the Internet. 
[0109] In [data logging and regeneration] to a removable, record medium, next the 
processing configuration which applied the validation key block (EKB) which applied 
the hierarchy tree configuration mentioned above, the data storage processing to 
memory cards, such as the record medium which can be detached and attached fireely 
(removable storage device), for example, a memory stick etc., is explained to PC as 
equipment which performs contents playback, a cellular phone, and a regenerative 
apparatus. 

[Olio] (An information recording device and information regenerative^apparatus 
configuration) Drawing 15 is the block diagram showing the example of a configuration 
of the data processor as the information recording device which performs record or 
regeneration of contents, and an information regenerative apparatus. It is PC, a cellular 
phone, a data regenerative apparatus, etc., and, specifically, the removable storage 
device as record media, such as a memory card, has a removable configuration. 
[Olll] A data processor 100 The radial transfer of a digital signal I/O I/F (Interface) 120 
to perform, A/D which performs radial transfer of an analog signal, I/O I/F 
(Interface) 130 equipped with D/A converter 131, the cipher-processing means 140, ROM 
0 [ Read Only ] It has the drive 190 of Memory 150, RAM (Random Access Memory) 160, 
CPU (Central Processing Unit) 170, an internal memory 180, and a removable storage 
device 200. These are mutually connected by the bus 110. 

[0112] I/O I/F120 receives the digital signal on a bus 110, and outputs it outside while it 
receives the digital signal which constitutes various contents, such as an image supplied 
from the outside, voice, and a program, and outputs it on a bus 110. I/O I/F130 builds in 
A/D and D/A converter 131. The analog signal as contents supplied firom the outside is 
received, and I/O I/F 130 is carrying out A/D (Analog Digital) conversion by A/D and D/A 
converter 131, it receives the digital signal on a bus 110 while outputting it on a bus 110 
as a digital signal, it is carrying out D/A (Digital Analog) conversion by A/D and D/A 



converter 131, and outputs it outside as an analog signal. 

[0113] A cipher-processing means 140 enciphers or decodes the digital signal as contents 
which consist of LSI (Large Scale IntegratedCurcuit) of for example, one chip, for 
example, are supplied through a bus 110, and has the configuration which performs 
various processings accompanying cipher processing, such as processing outputted on a 
bus 110, and processing which generates the cipher-processing key based on the random 
number which generated the random number and was generated. In addition, the 
cipher-processing means 150 is possible not only for the 1 chip LSI but the thing which 
the configuration which combined various kinds of software or hardware reaUzes, and 
good also as a configuration performed by the function of CPU170. 

[0114] ROM150 stores the fixed data as the program which CPU170 performs, or an 
operation parameter. RAM (Random Access Memory) 160 is used as the storage area of 
the program performed in processing of CPU170, and the parameter which changes 
suitably in program manipulation, and a work-piece field. CPU170 performs the 
program stored in ROM 150 and the internal-memory 180 grade, and performs control of 
cipher processing by the cipher-processing means 150, and the various processings 
accompanying record playback of data. 

[0115] Store I/F190 supplies and records the data supplied through a bus 110 on a 
removable storage device 200 while it reads data from a removable storage device 200 
(reproducing) and outputs them on a bus 110 by controlling data I/O of as opposed to the 
removable storage deyice 200 in which an account rec/play student is possible for digital 
data. 

[0116] This data processor corresponds to the leaf of a tree configuration explained 
using drawing 3 , and the device node key (DNK) as a key set which consists of a leaf 
key and a node key is stored in an internal memory 180. For example, if it is a data 
processor corresponding to a device 0, it stores in an internal memory 180 by using the 
leaf key KOOOO, and node key:K000, KOO and KO and Kroot as a device node key (DNK). 
In addition, the internal memory 180 is usable also as the storing field of the contents 
inputted from the outside through I/O I/F120,140 or storage I/F, and a storing field of a 
validation key block (EKB). 

[0117] The data processor shown in drawing 15 purchases contents from a network, the 
telephone line, or a contents distribution terminal to normal, stpres them in an internal 
memory 180, and regenerates by reading contents from an internal memory 180. It 
reproduces, after performing decode processing of EKB by the device node key (DNK) 
stored in equipment and decoding encryption contents by the acquired contents key, as 
previously explained using drawing 9 if it is the contents as which the contents offered 



were enciphered using the contents key Kcon acquirable [ with processing of the 
above-mentioned validation key block (EKB) ] from the outside. 

[0118] such contents - in a refreshable data processor, it acquires from the exterior and 
the processing in the case of outputting the contents stored in the internal memory to 
the memory card as a removable storage device is explained. 

[0119] (Contents storing processing) Drawing which explains the procedure of the 
contents storing processing to the removable storage deyice in a data processor to 
drawing 16 is shown. The example shown in drawing 16 is an example of processing in 
case a data processor is equivalent to the device 0 in the tree configuration of drawing 3 . 
[0120] First, a data processor chooses EKB corresponding to the contents stored in the 
removable storage device as a data-logging medium, performs decode processing of EKB 
using the device node key (DNK) of self, and takes out the root key which is a hierarchy 
tree configuration key from EKB. In the example of drawing, EKB corresponding to the 
contents stored in a removable storage device is EKB of version -t, and a data processor 
acquires EKB of version^t from an internal memory, performs decode of EKB using 
KOOO in a device node key and this case, and takes out root key K(t) root. 
[0121] Next, a data processor generates a random number and generates contents 
key^Kcon based on a random number. In case this contents key stores contents to a 
removable storage device, based on the random number generated serially, a different 
contents key for every storing processing of contents will be generated. In addition, it is 
processing for carrying out to generation processing of this contents key being 
applicable also when the contents acquired from the network or the contents 
distribution terminal are not enciphered using the contents key. It is the case where the 
contents acquired from the exterior are beforehand enciphered by the contents key, and 
when a contents key can be acquired from the exterior, the generation processing of a 
contents key based on this random number may be omitted, and may apply the contents 
key acquired from the exterior. In addition, even if it is this case, based on a random 
number, a contents key may be anew generated within a data processor. 
[0122] Next, encryption data encipher by root key:K(t) root which acquired previously 
the contents key generated, for example based on the random number by EKB 
processing, and according to the root key of a contents key" Acquire Enc (K(t) root, Kcon). 
[0123] Furthermore, if ID of a data processor, for example, a data processor, is a cellular 
phone by generated contents key^Kcon, the telephone number corresponding to a 
cellular phone will be enciphered, and Enc (Kcon, ID) will generate storage key ^Kst. 
[0124] Next, the storage key generated by enciphering ID by contents key^Kcon*. 
Encipher contents (DATA) using Kst and generate encryption contents ^Enc (Kst, DATA). 



[0125] thus, generated contents key: - root key [ of Kcon V- " encryption data^ by K(t) 
root " let Enc (K(t) root, Kcon) and encryption data^Enc (Kst, DATA) by storage key^Kst 
of contents (DATA) be the storing data files to a removable storage device. 
[0126] A data processor combines the data file containing these encryption contents, and 
a corresponding EKB file, and stores them in a removable storage device. In addition, 
the EKB file and data file to store store by carrying out mutual matching. Matching can 
be performed by adding the version information of EKB. to the data file stored, for 
example. As previous drawing 6 explained, version information is beforehand added to 
the EKB file. 

[0127] The example of a configuration of an EKB file and a data file stored in drawing 
17 at a removable storage device is shown. An EKB file is EKB which can acquire root 
key:K(t) root which is a hierarchy tree configuration key using the device node key 
(DNK) beforehand distributed to the data processor. Moreover, encryption data based on 
encrj^tion data^Enc (K(t) root, Kcon) according to root key:K(t) root of contents 
key^Kcon as the data file was explained using drawing 16 , and storage- key ^Kst of 
contents (DATA): In the case of EKB version information and the example of this 
drawing, it has the composition that version :t was recorded, including Enc (Kst, DATA). 
Two or more contents may be stored in a removable storage device, and the EKB file 
corresponding to each is also collectively stored in it. 

[0128] (Data regeneration) The processing in the case of reproducing the encryption 
contents (DATA) stored in such a removable storage device (record medium) is 
explained using drawing 18 . 

[0129] The example of processing of drawing 18 is a just contents purchaser, is contents 
regeneration in the data processor (device O) which performed contents storing 
processing to the removable storage device, and shows the example to which normal 
contents regeneration is carried out. 

[0130] First, a data processor acquires the EKB version information which corresponds 
firom the data file stored in the removable storage device, in the acquired version 
information and this example, performs decode processing of EKB using the device node 
key (DNK) which acquired the EKB file corresponding to a version (t) firom the 
removable storage device, and was stored in the data processor, and acquires root 
key:K(t) root which is a hierarchy tree configuration key. Succeeding in this EKB decode 
processing becomes only the device which stored beforehand the device node key (DNK) 
which can decode EKB. 

[0131] Next, a data processor performs decode processing which applied data:K[ root 
key / which acquired Enc (K(t) root, Kcon) and was acquired by EKB processing /:] (t) 



root which enciphered contents key:Kcon by root key-K(t) root from the data file in a 
removable storage device, and acquires contents key-Kcon. 

[0132] Next, if a data processor is a cellular phone and a data processor is a 
regenerative apparatus of the telephone number or others, it will carry out 
encryption :Enc (Kcon, ID) of ID, such as an equipment item number, with the 
appUcation of acquired contents key^Kcon, and will generate storage key*Kst. This 
storage key: The storage key from which Kst differs for every device based on self ID 
will be generated. That is, when a storage key is generated in other devices with other 
ID, a different storage key is generated. 

[0133] Next, the storage key which the data processor took out encryption data^Enc (Kst, 
DATA) by storage- key :Kst of contents (DATA) from the data file in a removable storage 
device, and was generated: Perform decode processing using Kst. The storage key 
appUed to encryption on the occasion of the contents storing processing to a removable 
storage device in order to succeed in this decode processing: The same storage key as 
Kst needs to be generated. In the case of the example shown in this drawing 18 , a data 
processor is a device 0, and it is the device which stored the contents to a removable 
storage device, and since ID is the same, generation of the same storage key as the time 
of data storage is performed, and it succeeds in decode of encrj^tion contents :Enk (Kst, 
DATA), and becomes reproducible [ contents ]. 

[0134] Even if it is going to perform data playback in the device which performed storing 
processing of contents to the removable storage device, and a different device, it will 
differ from the storage key which ID differed and the storage key generated applied at 
the time of data storage, and decode of encryption contents-Enk (Kst, DATA) cannot be 
performed, but playback of contents becomes impossible. 

[0135] Thus, according to the configuration of this invention, it is needed that it is the 
device which can acquire the contents key which can be decoded by EKB processing as 
an execution condition of the contents playback stored in the removable storage device, 
and that it is the same device which performed record processing further. Therefore, it 
belongs to the specific group of the tree configuration shown in drawing 3 , and even if it 
is the case where two or more devices which can decode the same EKB exist, a 
refreshable device becomes possible [ limiting to the only device which stored contents 
in the removable storage device ] about the contents stored in the removable storage 
device. 

[0136] (Contents download processing in a contents distribution terminal) Although the 
data processor explained the contents beforehand stored in the internal memory 
supposing the processing stored in a removable storage device, the contents storing 



processing mentioned above For example, a sei^ice provider provides and a user sets a 
removable storage device to the distribution terminal of contents installed in the station, 
the store, etc. the removable storage device after purchasing namely, downloading 
contents a self data processor (PC ") Also when it is going to set in a cellular phone, a 
regenerative apparatus, etc, and is going to reproduce contents, in the device which 
purchased contents, a refreshable configuration is realized like above-mentioned 
processing. 

[0137] A user sets the removable storage device as a record medium to the distribution 
terminal of contents using drawing 19 , and the processing which purchases contents is 
explained. 

[0138] A service provider provides and a regenerative apparatus B and 500 are 
indicated to be the regenerative apparatus A of the cellular-phone mold as a data 
processor and 400 which are going to purchase contents from the distribution terminal 
300 of contents installed in the station, the store, etc., and the distribution terminal 300 
of contents, and are going to perform playback to drawing 19 . A regenerative apparatus 
A, 400, and a regenerative apparatus B and 500 choose the contents which have set a 
removable storage device 600 like a memory card to the contents distribution terminal 
300, and it performs purchase, i.e., the processing which downloads selection contents to 
a removable storage device 600. 

[0139] The configuration of the contents distribution terminal 300 is explained. A 
contents distribution terminal stores in the storage means 370 the device node key 
(DNK) which is set up as a data processor (device) corresponding to one leaf of a tree 
configuration explained using [ else / drawing 3 ] previously, and is set as a response leaf, 
and has a configuration with the removable removable storage devices 600, such as a 
memory card. 

[0140] The contents distribution terminal 300 has I/O I/F (Interface) 320 which performs 
data radial transfer, the cipher-processing means 330, ROM (Read Only Memory)340, 
RAM (Random Access Memory)350 and CPU (Central Processing Unit)360, the storage 
means 370, and removable storage device I/F (Interface)380, and these are mutually 
connected by the bus. 

[0141] I/O I/F320 displays downloadable contents information, price information, etc, 
and processes the data input accompanying the contents purchase processing from a 
user. The cipher-processing means 330 enciphers or decodes the digital signal as 
contents which consist of LSI (Large Scale IntegratedCurcuit) of for example, one chip, 
for example, are supplied through a bus, and has the configuration which performs 
various processings accompanying cipher processing, such as processing outputted on a 



bus, and processing which generates the cipher-processing key based on the random 
number which generated the random number and was generated. In addition, the 
cipher-processing means 330 is possible not only for the 1 chip LSI but the thing which 
the configuration which combined various kinds of software or hardware reaUzes, and 
good also as a configuration performed by the function of a control means (CPU) 360. 
[0142] ROM340 stores the fixed data as the program which a control means (CPU) 360 
perforihsTor'an operation pafsmi^ter RAM (Random Access Memory)350 is used as the 
storage area of the program performed in processing of a control means (CPU) 360, and 
the parameter which changes suitably in program manipulation, and a work-piece field. 
A control means (CPU) 360 performs the program stored in ROM340 and the storage 
means 370 grade, and performs control of the various processings accompanying cipher 
processing by the cipher-processing means 330, and download processing of data. 
[0143] Store I/F380 controls the data I/O to a removable storage device 200. This 
contents distribution terminal 300 corresponds to the leaf of a tree configuration 
explained using drawing 3 , and the device node key (DNK) as a: key set which consists 
of a leaf key and a node key is stored in the storage means 370. For example, if it is the 
contents distribution terminal 300 corresponding to a device 0, it stores in the storage 
means 370 by using the leaf key KOOOO, and node key:K000, KOO and KO and Kroot as a 
device node key (DNK). In addition, the storage means 370 is used also as the storing 
field of contents, and a storing field of a vaUdation key block (EKB). 

[0144] A removable storage device 600 is set to the contents distribution terminal 300 
shown in drawing 19 , and the processing in the case of purchasing contents is explained. 
[0145] For example, the user who is going to reproduce purchase contents using a 
regenerative apparatus A and 400 sets to the contents distribution terminal 300 the 
removable storage device 600 which performs download of contents. 
[0146] Next, through I/O I/F320, a contents purchase user specifies contents and inputs 
the discernment data of a proper into a device for the telephone number as a 
regenerative apparatus A and ID of 400 etc. further. 

[0147] Processing of the contents distribution terminal 300 turns into processing 
previously explained using drawing 16 , and the almost same processing, and as shown 
in drawing 17 , an EKB file and a data file are stored in a removable storage device. The 
data storage processing to the removable storage device 600 of the contents distribution 
terminal 300 is explained referring to drawing 16 . 

[0148] The contents distribution terminal 300 is explained as a thing corresponding to 
the device 0 in the tree configuration of drawing 3 . In addition, a regenerative 
apparatus A and 400 are the devices corresponding to one in the tree configuration of 



drawing 3 of leaves, and store the device node key (DNK) in the interior. 
[0149] First, the contents distribution terminal 300 chooses EKB corresponding to the 
contents which the user specified through I/O I/F320, performs decode processing of 
EKB using the device node key (DNK) of self, and takes out the root key which is a 
hierarchy tree configuration key from EKB. In the example of drawing 16 , EKB 
corresponding to the contents stored in a removable storage device is EKB of version-t, 
and the contents distribution terminal 300 acquires EKB of version:t from the storage 
means 370, performs decode of EKB using KOOO in a device node key and this case, and 
takes out root key K(t) root. 

[0150] Next, the contents distribution terminal 300 generates a random number in the 
cipher-processing means 330, and generates contents key'Kcon based on a random 
number. In case this contents key stores contents to a removable storage device, based 
on the random number generated serially, a different contents key for every download 
processing to the removable storage device of contents will be generated. In addition, it 
is the case where are processing for making application possible also when contents are 
not enciphered using the contents key, and, as for generation processing of this contents 
key, contents are beforehand enciphered by the contents key as mentioned above, and 
the contents key which omitted the generation processing of a contents key based on 
this random number, and acquired the contents key fi-om the exterior when it was 
acquisition ending firom the outside may be applied. In addition, even if it is this case, 
based on a random number, a contents key may be anew generated within the contents 
distribution terminal 300. 

[0151] Furthermore, encryption data encipher by root key^KCt) root which acquired 
previously the contents key generated based on the random number by EKB processing, 
and according to the root key of a contents key: Generate Enc (K(t) root, Kcon). 
[0152] Furthermore, in the contents purchased equipment inputted by the user through 
I/O I/F320 by generated contents key:Kcon, and this example, a regenerative apparatus 
A and the telephone number corresponding to the cellular phone as ID of 400 are 
enciphered, and Enc (Kcon, ID) generates storage key^Kst. 

[0153] Next, the storage key generated by enciphering ID by contents key^Kcon: 
Encipher contents (DATA) using Kst and generate encryption contents:Enc (Kst, DATA). 
[0154] thus, generated contents key: - root key [ of Kcon ]: - encryption data: by K(t) 
root " let Enc (K(t) root, Kcon) and encryption data:Enc (Kst, DATA) by storage key:Kst 
of contents (DATA) be the storing data files to a removable storage device. 
[0155] The contents distribution terminal 300 combines the data file containing these 
encryption contents, and a corresponding EKB file, and stores them in a removable 



storage device. In addition, the EKB file and data file to store store by carrying out 
mutual matching. Matching can be performed by adding the version information of EKB 
to the data file stored, for example. As previous drawing 6 explained, version 
information is beforehand added to the EKB file, 

[0156] Thus, the storage key which the contents distribution terminal 300 generated 
storage-key -Kst based on ID inputted fi-om the outside, and was generated^ Encipher 
■contehts~using"kst. The configur^tioiTof'the EKB 'file stored in a risDiovable storage 
device and a data file is the same as the configuration of drawing 17 explained 
previously, and an EKB file and a data file are matched and it is stored. 
[0157] Thus, the processing in the case of reproducing the encryption contents (DATA) 
stored in the removable storage device 600 fi'om the contents distribution terminal 300 
is the same as processing of drawing 18 explained previously. 

[0158] However, the example of processing of drawing 18 is an example of processing of 
the device 0 in the device of the tree configuration of drawing 3 . That the contents 
distribution terminal 300 is equivalent to a device 0, then when it assumes, a 
regenerative apparatus A and 400 are not the device 0 but the devices 1. In this case 
that processing The EKB version information which corresponds from the data file 
stored in the removable storage device is acquired. In the acquired version inforniation 
and this example, decode processing of EKB is performed using the device node key 
(DNK) which acquired the EKB file corresponding to a version (t) fi:om the removable 
storage device, and was stored in a regenerative apparatus A and 400, and root key-K (t) 
is acquired. The device which stored beforehand the device node key (DNK) which can 
decode EKB succeeds in this EKB decode processing. 

[0159] Next, a regenerative apparatus A and 400 perform decode processing which 
applied data:K[ root key / which acquired Enc (Kit) root, Kcon) and was acquired by 
EKB processing /•] (t) root which enciphered contents key-Kcon by root key:K(t) root 
fi-om the data file in a removable storage device, and acquire contents key^Kcon. 
[0160] Next, a regenerative apparatus A and 400 carry out encryption :Enc (Kcon, ID) of 
ID, i.e., the telephone number, by acquired contents key^Kcon, and generate storage 
key:Kst. This storage key: Kst becomes the same thing as storage key^Kst which the 
contents distribution terminal 300 generated based on ID inputted by the user at the 
time of the purchase of contents. 

[0161] Next, the storage key which a regenerative apparatus A and 400 took out 
encryption data:Enc (Kst, DATA) by storage-key -Kst of contents (DATA) from the data 
file in a removable storage device, and was generated^ Perform decode processing using 
Kst. The storage key applied to encryption on the occasion of the contents storing 



processing to a removable storage device in order to succeed in this decode processing- 
The same storage key as Kst needs to be generated. In this case, since ID applied at the 
time of storing of contents and playback is a regenerative apparatus A and the 
telephone number of 400 and its ID is the same, generation of the same storage key as 
the time of data storage is performed, and it succeeds in decode of encryption 
contents^Enk (Kst, DATA), and becomes reproducible [ contents ]. 

[0162] When itisgoing to perform datiTplayback'iirthlellevice which performed storing 
processing of contents to the removable storage device, and a different device. For 
example, even if the regenerative apparatus B shown in drawing 19 and 500 tend to 
borrow a removable storage device 600, tend to set to a regenerative apparatus B and 
500 and tend to perform playback The storage key which a storage key will be generated 
based on ID (for example, equipment item number) which is different in a regenerative 
apparatus B and 500, and was generated The contents distribution terminal 300 
becomes a different thing from the storage key applied when contents were enciphered 
and stored in a removable storage device 600, decode processing cannot be performed 
but regeneration becomes impossible. 

[0163] Thus, in addition to being the device which can acquire the contents key which 
can be decoded by EKB processing from an external contents distribution terminal as 
conditions which perform playback of the contents stored in the removable storage 
device according to the configuration of this invention, it is further set up as conditions 
in the case of contents purchase processing that it is the same device as the specified 
device. Therefore, it belongs to the specific group of the tree configuration shown in 
drawing 3 , and even if it is the case where two or more devices which can decode the 
same EKB exist, it becomes possible to limit to the only device with which the 
refreshable device specified the contents stored in the removable storage device at the 
time of contents purchase . 

[0164] (Contents record, regeneration sequence) Next, procedure is explained using a 

flow about storing processing of the contents to a removable storage device, and 

regeneration of the contents stored in the removable storage device. 

[0165] First, according to the processing flow of drawing 20 , the procedure which stores 

in a removable storage device the contents from which the removable data processor 

stored the removable storage device in the internal memory is explained. 

[0166] First, in step S5001, the EKB file applied to the contents stored in a removable 

storage device is chosen. Although the data processor should store only the EKB file of 

the latest version fundamentally, when two or more EKB files are stored, for example, it 

chooses the newest EKB fi-om those EKB files. 



[0167] Next, in step S5002, decode processing of EKB is performed using the device 
node key (DNK) which is the key set of a leaf key and a node key stored in equipment, 
and the root key Kroot which is a hierarchy tree configuration key is acquired. 
[0168] Next, in step S5003, a random number is generated and contents key;Kcon is 
generated. In addition, it is processing for carrying out to generation processing of this 
contents key being appUcable also when the contents acquired from the network or the 
contents distributiori'terminal Se not~enciphered the contents" key. It is the case 

where the contents acquired from the exterior are beforehand enciphered by the 
contents key, and when a contents key can be acquired from the exterior, the generation 
processing of a contents key based on this random number may be omitted, and may 
apply the contents key acquired from the exterior. In addition, even if it is this case, 
based on a random number, a contents key may be anew generated within a data 
processor. 

[0169] Next, encryption according [ in / in step S5004, acquire ID from an internal 
memory, and / a cipher-processing means ] to contents key^Kcon of ID: Perform Enc 
(Kcon, ID) and generate storage key^Kst (S5005). 

[0170] Furthermore, in step S5006, by root key^Kroot acquired by EKB processing, 
encryption processing of contents key^Kcon is performed and Enc (Kroot, Kcon) is 
generated. 

[0171] Furthermore, in step S5007, encryption processing is performed for the contents 
(DATA) stored in a removable storage device by storage key^Kst, Enc (Kst, DATA) is 
generated, an EKB file and the data file which stored Enc (Kroot, Kcon) and Enc (Kroot, 
Kcon) are matched in step S5008, and it stores in a removable storage device. 
[0172] Next, according to the processing flow of drawing 21 , a contents distribution 
terminal explains the procedure stored in the removable storage device in which the 
user set contents. 

[0173] First, in step S6001, the EKB file applied to the contents specified by [ which is 
stored in the removable storage device which the user set ] a user is chosen. Next, in 
step S6002, decode processing of EKB is performed using the device node key (DNK) 
which is the key set of a leaf key and a node key stored in equipment, and the root key 
Kroot which is a hierarchy tree configuration key is acquired. 

[0174] Next, in step S6003, a random number is generated and contents key^Kcon is 
generated. In addition, it is the case where are processing for making application 
possible also when contents are not enciphered using the contents key, and, as for 
generation processing of this contents key, contents are beforehand enciphered by the 
contents key as mentioned above, and the contents key which omitted the generation 



processing of a contents key based on this random number, and acquired the contents 
key from the exterior when it was acquisition ending from the outside may be applied. 
In addition, even if it is this case, based on a random number, a contents key may be 
anew generated within a contents distribution terminal. 

[0175] Next, encryption according [ in / in step S6004, acquire ID inputted by the user 

from the outside, and / a cipher-processing means ] to contents key^Kcon of ID: Perform 

Enc (Kcon, ID) and generate storage key^Kst (S6005). "* 

[0176] Furthermore, in step S6006, by root key^Kroot acquired by EKB processing, 

encryption processing of contents key^Kcon is performed and Enc (Kroot, Kcon) is 

generated. 

[0177] Furthermore, in step S6007, encryption processing is performed for the contents 
(DATA) stored in a removable storage device by storage key:Kst, Enc (Kst, DATA) is 
generated, an EKB file and the data file which stored Enc (Kroot, Kcon) and Enc (Kroot, 
Kcon) are matched in step S6008, and it stores in a removable storage device. 
[0178] Next, according to the processing flow of drawing 22 , the procedure which 
reproduces the contents from which the removable data processor stored the removable 
storage device in the removable storage device is explained. 

[0179] First, in step S7001, the EKB file applied to the contents reproduced from a 
removable storage device is chosen. Selection of an EKB file is performed as processing 
which acquires the EKB file which is in agreement with the EKB version information 
added to the data file containing the encryption contents shown in drawing 17 explained 
previously from a removable storage device. In step S7002, when it succeeds in EKB 
acquisition, it progresses to degree step, and when EKB cannot be acquired, processing 
is ended as an error (S7011). 

[0180] Next, in step S7003, decode processing of EKB acquired fix)m the removable 
storage device is performed using the device node key (DNK) which is the key set of a 
leaf key and a node key stored in equipment, and the root key Kroot which is a 
hierarchy tree configuration key is acquired. When it succeeds in root key Kroot 
acquisition, it progresses to degree step, and when the root key Kroot cannot be 
acquired, processing is ended as an error (S7011). When the root key Kroot is 
unacquirable, it is the case, RIBOKU [ the equipment ], etc. 

[0181] Next, in step S7005, encryption contents:Enc (Kst, DATA) is read from the 
storing data file of a removable storage device. From the storing data file of a removable 
storage device to next, an encryption contents key: Read Enc (Kroot, Kcon), perform 
decode processing by the root key Kroot acquired by EKB decode processing at step 
S7003, and obtain the contents key Kcon (S7006). 



[0182] Next, encryption by the contents key [ on step S7007 and as opposed to self ID ]: 
Perform Enc (Kcon, ID) and generate storage key-Kst. next, in step S7008, decode 
processing is performed with the apphcation of storage key'Kst which generated 
encryption contents^Enc (Kst, DATA) in which the removable storage device carried out 
storing data file reading appearance. 

[0183] If judged with decode having succeeded in step S7009, it will reproduce at step 
S7010. In^decode failure, in step S7009, processing is ended as an error (S7011). It 
becomes an error when the storage key generated based on ID in step S7007 differs 
from the storage key apphed in the contents storing processing to a removable storage 
device. When ID applied to storage key generation differs, activation of playback 
becomes impossible. 

[0184] In addition, in explanation of the above-mentioned exaniple, although 
explanation was omitted, when a removable storage device has a data processing 
function, it is good also as a configuration which performs mutual recognition 
processing between both equipments, and performs the data I/O between each 
equipment a condition [ formation of mutual recognition ] in advance of the data I/O 
between the data processor as a regenerative apparatus or a contents distribution 
terminal, and a removable storage device. 

[0185] As mentioned above, it has explained in detail about this invention, referring to a 
specific example. However, it is obvious that this contractor can accompUsh correction 
and substitution of this example in the range which does not deviate from the summary 
of this invention. That is, with the gestalt of instantiation, this invention has been 
indicated and it should not be interpreted restrictively. In order to judge the summary of 
this invention, the column of the claim indicated at the beginning should be taken into 
consideration. 

[0186] In addition, a series of processings in which it explained into the description can 
be performed by the compound configuration of hardware, software, or both. When 
performing processing by software, it is possible to install the program which recorded 
the processing sequence in the memory in the computer built into the hardware of 
dedication, and to perform it, or to make the general purpose computer which can 
perform various processings install and execute a program. 

[0187] For example, a program is recordable on the hard disk and ROM (Read 
Only Memory) as a record medium beforehand. Or a program is permanently 
[ temporarily or ] storable in removable record media, such as a floppy (trademark) disk, 
CD-ROM (Compact Disc Read Only Memory), MO (Magneto optical) disk, DVD (Digital 
Versatile Disc), a magnetic disk, and semiconductor memory, (record). Such a removable 



record medium can be offered as the so-called software package. 

[0188] In addition, a program is installed in a computer from a record medium which 
was mentioned above, and also it is installable in record media, such as a hard disk 
which carries out a wireless transfer, or transmits to a computer with a cable through 
networks, such as LAN (Local Area Network) and the Internet, at a computer, receives 
the program transmitted by making it such by computer, and is built in from a 
download site. 

[0189] In addition, various kinds of processings indicated by the description meet the 
throughput or need for equipment of time series not only performing, but performing 
processing according to a publication, and may be performed in juxtaposition or 
individually. Moreover, in this description, a system is the logical set configuration of 
two or more equipments, and it does not restrict to what has equipment of each 
configuration in the same case. 
[0190] 

[Effect of the Invention] As mentioned above, as explained, according to the information 
recording device of this invention, an information regenerative apparatus and the 
information record approach, and the information playback approach As conditions 
which perform playback of the contents stored in a removable storage device like a 
memory card It adds to it being the device which can acquire the contents key which can 
be decoded by validation key block (EKB) processing. Furthermore, even if it is the case 
where setting out of being the same device which performed record processing to a 
removable storage device is attained as conditions, and two or more devices which can 
decode the same EKB exist A refreshable device becomes possible [ limiting to the only 
device which stored contents in the removable storage device 1 about the contents stored 
in the removable storage device. 

[0191] Furthermore, according to the information recording device of this invention, an 
information regenerative apparatus and the information record approach, and the 
information playback approach As conditions which perform playback of the contents 
stored in the removable storage device from the external contents distribution terminal 
It adds to it being the device which can acquire the contents key which can be decoded 
by EKB processing. Furthermore, even if it is the case where setting out of being the 
device same in the case of contents purchase processing as the specified device is 
attained as conditions, and two or more devices which can decode the same EKB exist It 
becomes possible to limit to the only device with which the refreshable device specified 
the contents stored in the removable storage device at the time of contents purchase. 
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[Brief Description of the Drawings] 

[Drawing l] It is drawing explaining the system use concept of this invention. 
" [Drawing"'2] It is drawing shewing" the example of a system configuration of this 
invention, and the example of data utilization using a removable storage device. 
[Drawing 3] They are the various keys in the . system of this invention, and a tree block 
diagram explaining data encryption processing. 

[Drawing 4] It is drawing showing the example, of the various keys in the system of this 
invention, and the validation key block (EKB) used for distribution of data. 
[Drawing 5] It is drawing showing the example of distribution which used the validation 
key block (EKB) of the contents key in the system of this invention, and the example of 
decode processing. 

[Drawing 6] It is drawing showing the example of a format of the validation key block 
(EKB) in the system of this invention. 

[Drawing 7] It is drawing explaining the configuration of the tag of the validation key 
block (EKB) in the system of this invention. 

[Drawing 8] It is drawing showing the example of a data configuration which distributes 
a contents key and contents collectively with the validation key block (EKB) in the 
system of this invention. 

[Drawing 9] It is drawing showing the example of processing in the device at the time of 
distributing a contents key and contents collectively with the vahdation key block 
(EKB) in the system of this invention. 

[Drawing 10] It is drawing explaining the response at the time of storing the validation 
key block (EKB) and contents in a system of this invention in a record medium. 
[Drawing 111 It is drawing explaining the example of the categorization of the hierarchy 
tree structure in the system of this invention. 

[Drawing 12] It is drawing explaining the generation process of the simplification 
validation key block (EKB) in the system of this invention. 

[Drawing 13] It is drawing explaining the generation process of the validation key block 
(EKB) in the system of this invention. 

[Drawing 14] It is drawing explaining the simplification validation key block (EKB) in 
the system of this invention. 

[Drawing 15] It is drawing showing the example of a configuration of the data 



regenerative apparatus in the system of this invention. 

[Drawing 16] It is drawing showing the example of data storage processing over a 
removable storage device in the system of this invention. 

[Drawing 17] In the system of this invention, it is drawing showing the example of data 
stored in a removable storage device. 

[Drawing 18] In the system of this invention, it is drawing showing the example of data 
regeneration from a removable storage device. 

[Drawing 19] In the system of this invention, it is drawing showing the example of data 
storage processing over the removable storage device from a contents distribution 
terminal. 

[Drawing 20] In the system of this invention, it is drawing showing the processing flow 
which stores contents in a removable storage device. 

[Drawing 2l] In the system of this invention, it is drawing showing the data storage 
processing flow over the removable storage device from a contents distribution terminal. 
[Drawing 22] In the system of this invention, it is drawing showing the data 
regeneration flow from a removable storage device. 
[Description of Notations] 

10 Contents Distribution Means 

11 Internet 

12 Satellite Broadcasting Service 

13 Telephone Line 

14 Contents Distribution Terminal 

15 Removable Storage Device 

20 Data-Processing Means 

21 Personal Computer (PC) 

22 Portable Device (PD) 

23 Cellular Phone, PDA 

24 Record Regenerator, Game Terminal 

25 Regenerative Apparatus 
30 Storage Means 

40 Contents Distribution Equipment 

50 Contents Normal Purchase Terminal 

51 52 Removable storage device 

60 Contents Non-Normal Purchase Terminal 

601 Version 

602 Depth 



603 Data Pointer 

604 Tag Pointer 

605 Signature Pointer 

606 Data Division 

607 Tag Section 

608 Signature 

100 Data Prbcessor 
110 Bus 
120 I/O I/F 
130 I/O I/F 

131 A/D, D/A Converter 

140 Cipher-Processing Means 

150 ROM 

160 RAM 

170 CPU 

180 Internal Memory 
190 Storage I/F 

200 Removable Storage Device 
300 Contents Distribution Terminal 
320 I/O I/F 

330 Cipher-Processing Means 
340 ROM 
350 RAM 

360 Control Means (CPU) 
370 Storage Means 
380 Storage I/F 

400,500 Regenerative apparatus 
600 Removable Storage Device 
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e> to^'-i' y p - F 3 y r y ij^t" ^ X- ^ 
BT'^D, HuIBHWffiti, BulBx-^mSBtcWJtW>f 

^^m^ttmmibnfMmzn LTiffiBBi^gi ( k 
con) ^mm Lrc^^mw^%nt^m^X'h^ e i: 40 

[II*S5] HulBIBiS!«i*fi, MIBWIBIB^SStcWL 
T«IMBI6g^ "J A-/^7';l/8Basi®i*T'S-l. ct^^mt 

t^m^m 1 tiBiioiisifi^^Ho 

[fl^ae] HulB^?A{t:+-:rp<v^ (EKB) tiglfl 
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2 

Tfe?>;l/-KcWLT^S$n/c;l/-F+- : K r o o 
t T-fe5 c 1 tfB«<OlfffiiBiia 

Bo 

[Ii5)i«7] miMM'C^--:ruv'7 (EKB) fCtSlfl 

(DNK) lCi:5BufB*^<k+-:^0-)'^ (EKB) <D 

Hc|B«(D«fgfB®gHo . . 
[ii*«8] HufaW5c;j^t*-^D-v^ (EKB) {C1§S^ 

n. 

\t -7:^^-cD'>:& < i: t v^Tti*^^#ty4^-(c J; t) Bg 
#{tLfcW^fl:*-7p-y^ (EKB) {c<g|fl$n/cM 
ir^ ntdmm U -«fi!tSi^. tulBx/ u x y - K+- 
(DNK) tiSHulBWrn^-^P-y^J' (EKB) «0 

W^S l tclBacD'If^iB^SBo 

[if^«9] m^^^'mmi. 
mm\mum^m<omMm\znt^^^m (Kcon) 

mim 1 iciB«©'HiBiB^SBo 
^a^iiff-r^ts^ES^SBtcjji/^T. 

B@WC>U--7+-i:*^6'S:5T>'WXy-F+- (D 
NK) ^1§*fttfcfB1t^Si:, 

T{il5§g<7)/- F^-Sfcti';-7+-<0'>*< ^ tv^ 

(EKB) ^HfifeT''Uxy-F+- (DNK) 
rm^LT, K^^{t*-7P>y^ (EKB) fC^Irt^ 

TBg^fkLfeBf^ilx-^><D«#ffia{cJ:DBi^ll (K 
con) ^m9U 

(Kcon) ^mmLfcmms^m^miLx. Huiets^ 
x-^tcjiffl-r^^^n (Ks t) 

(K s t ) (Cj;5<SiS«im#{bx-^' : E n c (K s t , 

DATA) (D-imim^mit^im^^^t^nt^^ 



(3) 

3 

3] miMmt^-fu-J^ (EKB) {C^g 

o t X'h^ct^^mt^^m^^ 1 QKmm<DmmM 
mm. 1 4 ] mummt^-y^ -y ^ ( e k b ) tcis lo 

BuiBi@ii>yu-(D±{4+-^T{4iiii«y- F*-Sfc 

mtLfc^mt^-ftiy'!/ (EKB) tclg^flijnfcM 

(DNK) iZ^mm-^mt^-^uy^ (EKB) O 
^ Wit J; t) SJ'#-r Si^fiK^^-r ^ i: ^l^ti i: -r § 

mm i oicmmmm^mMo 20 

xy-F+- (DNK) ^mmLTztm^mt. 
^mmmysmcish^x. 

S±SlcO|lWffitcWtTBi#Si (K c o n) ^JlfflL 
H (K s t ) ^^filc-rsxr -y^i:. 

MBHi^si (Ks t) \cx?>^m'r-9(Dmmtmmic 

ioTBl^^kx-^S' : E n c (Kst. DATA)^^ 

BtjfSH*fIOB|WItCiiffltfcBg^SI (K c o n) 

BuieiS§H^>'J-(0±{i[+-^T{!i|5i)lcD/-F+- 
$ rcli U -7+-<D'>jS: < i: i/^-rn*^^#Cy4^-Jc .}; 
t)Bf#{bLfcW^{k+-7D«y^ (EKB) {ClgS^^n 

^fi!t-r§7.r>yyi:. 40 
. 7r^;l'i:. Mf2W5<i{b+-7"n-y ^ (EKB) t^. 

Knit^iiii'^^nrcm^mx'$>^!it^umtt^mm 
Cii*«i 7] mEimmmmmit. 
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SuSBBl^H (Kst) ^^^t^T.T-yfli. 
/c@e{gtWLTHiilfiHi^^ (K c o n) ^grjiffltfcBf 

s 1 5 {cfe«(DfifgsBifS73 s= 
imi^mi 8] HuiBx-^S4gs<7)HWfflt±s ^x- 

[n^«2 0] BufB^m+->^P-y^ (EKB) tcl^ 
F-p355;l'-F{c5tbTiS^?nfc;l/-F+- : K r o 

o t x^^nt^^Wit-r^imm 1 5 {cisK^it^iB 

im^mz 1] mm^mt^-yxny^ (ekb) 
iS^^n/cPgg'y ';-«fiXSit±> tuiBx/wxy- f^- 

(DNK) tcJ;;5BfifB^m^-7D-y^ (EKB) <D 

m^'^micx'^mmm^ji^x^^ct^^WLttmH 
*a 1 5 ic$m(omm?m^mo 

imMmzzl BufBWa{k+-:7p>y^ (ekb) icm 
mtLtc^mt^-f^y^ (EKB) jc^siift^nfeM 

(DNK) (cJ;5HGffiW^<k+-7"a-y^ (EKB) <D 
BulBlflBIBS^aoHWfittJt-rSBi^SI (K c o n) 

immz 4] itisos^5if^s4gi%'j-7^b 

y-F+- (DNK) ^^mLTcmw-^^it. tmmw 
-rsii^fis^^Btcistts. mmmmma&mttirz 



5 

(EKB) ^tfif5r^U7./-K+- (DNK) ^fflV^ 
T«^LT, mWhit^^-fuy:; (EKB) {C^SJfl^ 

con) ^m%t^7.TVft. 

(Kcon) ^JifflLfcBg^Ma^^tTbT. HuiatSlft 
x-^'tciifflt^^^^ (Ks t) ^^fiJtt. 

(K s t ) {c j;§tSiS^Hi^ft:r-^ : E n c (K s t . 
DATA) ©^^«ia*g|fT-r 5 X-r -y ^i: . 

im^mzil B(il2Wm+-7"P'y^' (EKB) ic^ 

KT'fe5;l/-h(c>ittLT^^$nfc;l'-h+- : K r o 
o t 7:$>^!lt^nW.i:t^m^m2 4 lC|2ig£DlfffiS 

[11^^2 8] HutBW?Wb^-7D-y^ (EKB) 

mtbtz^mt^-ytiy^ (ekb) {c+sffl^n/cM 

(DNK) tCcfc^tufBW??/]^b*-7a-y^ (EKB) <D 

Sil««2 4ti:ts«<oif$BS4:^ao 

7.7- (DNK) ^^mhrzum^mt. tmm 
IS t ^wr -stiffiiefii^sfc ^nt s iuieiB® js<*tc wr 

n^mmom^micnLrm^m (Kcon) ^jifflt 

g| (Ks t) ^^^t^T.T^'y/t. 
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tummm (Ks t) tct§igiflr-^<DBi^{bMc 

cfcoTBg^ibx-^ : En c (Ks t. DATA) 
fi!c-rs:^T>y7'i:^ 

SijKH^{i<DHi^J{iatC5iffl bfcBf^H (Keen) 

s fc u - 7+-<D^!>^ < i; t v>-rn*^^#o * 

DBi^fbL/c^m4-7P-y^' (EKB) tc^S^^n 
^fiit-rsxx'y.yi:, 

7 7'^;l/i:. fii85W5a]{l:+-7"p-y^ (EKB) 

im^ms 0] iti?![©s^§iffss4S«*'j-7t L 

- i: IgS^BH W«D U - 7 i: *^ e> * -r / W X 
y-K+- (DNK) *:tgS^bfcfBtl¥Si:^ f3^(ii* 

ff-&L46?)7"P^'*^A-efeoT. HfifB7P^''^At4s 

T{4Pt«<3Q/-H+-$/c{i'J-7+-©'>*< 

(EKB) *tufBx/WX/-F+- (DNK) ^ffll^ 
T«^tT, iSWm+-7"P'y^ (EKB) {c1§Jrt$ 

fuiBiBK!«i*{c<s^rt$n/cMtBPgJi^y u 

30 con) ^mmt^7.-ryft. 

(Keen) ^jifflL/cBf^iaS^grlltf tT. tulBtS^ft 

f=^-^tc3iffl-r;5^^ii (ks t) ^^bKu 
(K s t ) ic^^mummtT'-'S' : E n c (K s t . 
DATA) cD^^jaa^^fT-rsx-r-yyi:. 

Wr •& c ^It^ 1 5 7"p Ao 
[000 1] 

JcT'ny^AtcM-rSc ifi^. y-A, y 

p^"-7A§«^^3yT:/^ycDS4;g:. lE^^n^T^y 

[0002] 

50 HfljiT-^fll. iBI>5?*y7l->>x7x-^' (J.;iTs cti 
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ei^ny-f y^y (Content) tif^') -^y-^i—^y 
hm<0^^yh'7-'>. feSt/^li. p<^U*-F. DV 
D, CDl|(0}Jit)iRltg*taiijii*^^>UTj5iiii$-&i)3 

y'ryyli. a— >f (DfiltW-f i> P C (Personal Compute 

r) , mmmm. T—^m^m. ^5vHiy-A*igi 

fct). ^§VHip<ty;^7-h% CD. D VDl?(DBB1«^i 

[0 0 0 3] mwnm. ^-Asiii. 

3!)^5)§M-r5fc4f)<0§€iltls ^§1/ Hi DVD, CD§ 

-:S?(D^^U^tiKi:LTlIffl$n5R AM, ROM^^ 
[0 0 0 4] ^mT—^. iS^x-^, $.5tHi7°Pi'* 

[0 0 0 5] ^-hZfaifyL. ^^x-^. B^f-- 

[000 6] a— <f lc*f-r 5fiJffll<M^^]11-5 1 
[0 0 0 7] B§^<kx-^ti, pfim<0^mici::&m^ 

[0 0 0 8] ^mmtmmtm^m^^^T-'^^n^it 
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(Di-^Sfi^^T^StC D E S (r-i?B|#^^ : Deta encry 
ption standard) if'h^o 

[0 0.0 9] ±m(ommt!m. mmticmi^^^nm 

465 otii^^t mmtfi^ mmxh^ o mxi£:i.-^'ts^ 
•tkibrc;^x7- t Lx-yj\^^m^^mm u 
^(Dmtucm-^^'xv^mm. umtm^^i&t^ 
fe<DT-feSo co^oicLxm^nrcs^mtf^-, m.nvc 

[0610] $fc, eBmtt^t^ic^mt^^mm 
nLfc^j^rm^m^'xeimmm^'im o » <ikmm.\z j; 

SJtDf^aW^tcDtCtiR S A (Rivest-Shamir-Adlema 

n) Bf^^^sso !i(Dj:^rssmity3^^nmt^zt. 

^ rT Hg t -r v'Xxii*^ Ritl i: * 5o 
[0011] 

fi^J ^ ^ ^ U * - K ^ ^ © y A-/ ^ r ;H2liSB ^ CD 

xn^tntzo. iE^icimtmmmicu\d-tnx. 

So 

[0 0 12] *^B^«, CCDcfc^ftfit^SW^F^Mj^^ 

liSSfc^giift^ nfc 3 >f y -y ^ :3 yf- y >y ©lE^i^ A 

[0 0 1 3] $e)tc. ^fgB^^fi. fiajx-tf+f-tfT-ya/^ 
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coo 1 4] 

i:*^e)^5r>'Wxy-F+- (DN 
(Kcon) ^jifflLfcBg^^a;&^ffLT. SuE^SSfl 

9—$'icmmt^m^m (ks t) ^^^gu ^Bt^n 
(Ks t) icx^^mr—^(DSBm\:mmic^^r^^ 

itf-^ : E n c (K s t . DATA) ^^^L. fijlB 
aWflOBi^SaSliliiffltrcBi^lt (K c o n) tu 20 

itbtcmit^-zruy^ (EKB) {ciSi^^nmw 
-^'TT-r/i/i:. tuiewm*-:^D«v^ (ekb) t 

[0 0 15] *^B^cDlf$Bie^SB<0-^Sg^ 
«(ci*3V^T. HulBlt^Or-^'S^gBtix MIBIf^tB 30 

[0 0 16] ^etc, *fiB^©iffssB^gH<D-^mi 
fllicfcv^T. B^iiB1f$8IB^gfi^i^ =iy7-yy(om{9^ 
mnt^^yT-yymmiQ^r^h*). miiBiitstox-^ 

h'::iy7-yy^mmt^T-^n±^mx'^*). mim 

-^mmmicfiiZ^wibtircm^micti Lrmz^n^ 40 
n (K c o n) ^mmLTc^iu^mm^M^itm^T^ 

[0 0 17] $e,tc. *fSB^©ifisfB@gs®-iissfti 

^tcfeo^T, HfitBx-^'S4SgO@=^tta. ^x-^f 

[0 0 18] Setc. *f8B3<Dlf^IBSiSBcO-|im^ 
1$tc*3V^T> B5IBIBi^i«i*ti:. mjIfitSfSIBSSHtcJif L 

■rs. 50 
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[0 0 1 9] $5>tc. *MB^«oif^E^as<^-iimi 

lilCfcl^T. BulBWm+-:7D 7 ^ (EKB.) tc^^lft 
T'fei.Vl'- btC^bT^^^n/c;l/- h4^- : K r o o 

[0 0 2 0] ^ ^nm(Dmmmm^m(o~'^mm 
mic^^'x. mmmmt^-y^y^ (ekb) 
ti\rcmm'y')-mjm',i. IuIBx/w.x/-f+- 

(DNK) {cJ;;5HulBWa{t+-7D-y^> (EKB) <D 

[00 2 1] $ P>(c, *fgH^cOlffgfBiSSfi<^-limi 
1itc*3t>T. mUmmt^-f^y-!? (EKB) {c1^^ 

n. BulBlfffilB^aBti, t5fBI5g«^y'J-®±{4:^— ^ 

(EKB) fctssfl^nfcMfr^nfcKM^y u -«fi!cii 

HtlB7-VWxy-F=?^- (DNK) tCct^HulBW^a 
fk+-7P-y^ (EKB) (D«^Saa(cJ:0Kt#-r<5« 

C 0 0 2 2 ] $ 5. tc. *|g^<Dtif8l3SSfi®-^SSS 

m^Biciit^Bu^m. (Kcon) ^u.mcm-^\,^z^ 

[0 0 2 3] *liB^Om2(D{|IJffi{J. fB^j«<* 

/c|5gM^yu-ffiii%«fi)c-r5#/- Ftcawcoy- f^ 
y-F+- (DNK) ^mWibtcE^^^t. mBBB 

^ML. mifBBi^^Qa^siiv mmummwiz^mn 

Bi^lkLfcWm^-:5^o>y^' (EKB) *MIBx/W 

X/-F+- (DNK) ^fflv^rm^tr. m^mt^ 
-70 7^ (EKB) tc*ss«i$n/cPgs^y'J-Sfi!tii^ 

(K c o n) *??#U HulB1f^S^SSg»<0EI 
WffitcWLT. lugBBi^H (Kcon) ^JifflLfcBg^ 

jqii^Mtlt. mm^mT—^Kmmt^m^m. (k 
s t) ^^fiScL, mm^m (ks t) tcj;i.<sirtBg^fb 

x-^ :Enc (Kst. DATA) <D«#5fliI^^f7 

So 

[00 2 4] ^ *fgWOlf ^S^Sfi<0-|ISIffi 

^s^^:^3^/^T. HijiBtfiiss4ag<D@wfati. mmmn± 
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[0 0 2 5] :^mn(omnn^mm(D-mmm 

[0 0 2 6] *fS^co1f|gS^SltD-5lSiiSI 

iit4ov^T. mm^mt^-^uy^ (ekb) ict&m 
tx&^ct^^mtt^o 

[0 0 2 7] $e.fC> *%W©1f$BS4Sg©-|lfififfi 10 

tntzmmyv-m^mii. m^si'SimrsmtLxm^t 
(EKB) ic^m titcMmtnrzmmy u 

mMT'/UXy-V^- (DNK) lc<fcSHulBW% 
{b^-:rn-yi' (EKB) ©^^jfflSt itJSi^-rsfil 

[0 0 2 8] *f|^O^3C0{||ffili. 20 

C[)U-7=^-i:*''6)^?>x>'^'l'xy-F+- (DNK) 

X. mimimmw(omir-'$'(on^^nrj:o^m<07' 
-^n±^m<Dm^imcnLxs^^m. (k c o n) 

Bi^H (K s t ) ^^^t^T^f-yyt. mB^nm 30 

(k s t) ic^^bmiy'—s'o^^mmmic^^xm^ 

{kr-^:Enc (K s t , DATA) ^^^t^X^r 

-^ft. mm^m<D«§^mm^cmmLrc^s§^m (kc 
on) mimmyv-(D±m^-^-f&^m(Dy- 

-{c J; D Bg^fk U/i^^{k+-:7P ^ (EKB) 

B|#llx-^'i:^#tyr-^^7r-i';l/i:, mi^^mt^ 
-7"D>y^ (EKB) i:^, BUlBie^iSWcl^ilfl-rSX 40 

[0 0 2 9] t^bic. :^^BE(Dmmimy5^<D-mmm 

[0 0 3 0] ^e.tC. *|gW«1i$BIBS^75j*0-^mi 
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WIBBg^SI (Ks t) ^4^-r5xx-yya. ^1- 

EWfittcMLTBuiBBi^il (K c o n) ^ilfflL/cBg^ 

[00 3 1] $ *:|iH^(Dlffg§B^:^?i<0-^fig^ 
1itc*3i/^T. ftij|Bx-^S4gfi(D@Wffiti. 1^7="-^ 

^(omm'f-^X'ib^ct^nwitt^o 

[0 0 3 2] $e.tC. *f?B^(DlffgsBii7^ffi<D-^M^ • 

[0 0 3 3] ^?>tc. :^mM<ommmmy]'^(o-mmm 
micisi^x. mmmm\t^--ruy^ (ekb) tc^gtt 

T'$)S;l'- h{i:MLT^^$nfc;l/-h*- : K r o o 

[0 0 3 4] $P>K. *^B^©1fffiEfii7?ffi©-|IS(6^ 
1ilc:fcV^T, BijfB^afk^-T'P-y^ (EKB) ICIgiS^ 
$n/c|5g»VU-ffifi)tll(iv tfiiBr/^-rx/-F+- 

(DNK) \cX^mmMm\:^-y^y ^ (EKB) © 
«^SaSt J: t) SJtf Wtl^rilT'S ^ i: ^If ^ "T § » 

[0 0 3 5] $&IC. *5gH^(Dlf$SiB^73StD-|ISI^ 
litcfcl^T. mtiWMt^-yoy^ (EKB) (C^S^ 

tnrcmm^v-m^mii. mmmtimtLxmm 

fi^-^T{!iligecO/-K+-Sfcti';-7+-C>'>^ 
< i:fei>-rnA^%-&ty+-t<:<t OBg^fkLfcWMk^- 
rp-yi^ (EKB) ic^m-isnrcMmttircmmyv- 
m^m^. miT^uxy-h'^- (dnk) fci^su 

IBW^lb+-7"P -y (EKB) (Dmm&mic i 0 

■rsiaa^r^tT-rsxT^-y T'^r^tf <: i:*mi:-r So 

[0 0 3 6] $e>(C. *f|0^cDlf$BiBi87??4©-5lSI^ 
:^tc*3V>T> fjH3'lf?BIB®:^j£li> MIBIff^BIB 

m&m(Dm^imcitit^smm. (k c o n) ^^Lmcm 
'jh^x^^t^T.T-yif^^t^^ t^mmtt^o 

[0 0 3 7] $P>tC, *fSWco^4<^fflJffiti. 
*5tff^S^SS^ U -7.h Lfz^my 'J -«3i;S:«fi!t 

iJ-7^-i:*^5>*Sx/Wxy-K+- (DNK) * 
ifg^Lfclfili^Si:. IB§ljSf*©^*ftr-;5'<Dit^iaa 

nrcBuiBPgs^y 'J -<D±&=^-^T&mm(oy- k+- 

K)iMmtLrc^mt^--yay (EKB) ^buIBt/^ 
-l';5./-K+- (DNK) ^ffll,>Ta^LT, S^Jcb^k 
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+-7a-y^ (EKB) {c^m^nfcf^m'yv-mf&m 

^WCct "9 81^11 (Kcon) ^^tf-rSXT^-v^ 

n (Kcon) ■^mmLrz^^^m^m^Lx. mw& 
^^'r—^^zMmt^'^mm (ks t) ^^^l. mm^ 

H (K s t ) ic^^^m^mty"—^ : E n c (K s 
t, DATA) (Om^Wi^m^Wnt^T.T-y'ft. 

t^ctmwitt^mmn^ismch^o lo 
[0 0 3 8] $ p.tc. :^mn(Dmmn^y5m(o-mmm . 

[0 0 3 9] *fSW(D'tf$gS4:^S<D-^mi 

[0 0 4 0] fEibic^ :^9tm(om^n^yim<D~^mm 

:»{c*iV>T, Bfife^5a^l:+-rP'y^ (ekb) ict&m 20 

[0 0 4 1] $6.t, *%W©1t$gS*;?S©-^« 
litcfc'i/^T, Hul2Wm+-:^n ^ (ekb) tctSlfl 

7n>y^ (EKB) (c^giN^^n/cSSr^n/cPgW^y 'J - 30 

m^m^. Bufax^w7>/-K+- (dnk) tcisso 

geWm+-^P-y^ (EKB) (TD^^MCitJSJti 
[0 0 4 2] ^P>{C, *5IB^c0^5(^)iiJffi«> 

©';-7+-i:*^e))5:-&rV^-r;^y-F*- (dnk) 

n (k c o n) ^mmLrc\sB^mm^miLx. mm^ 
mT—^icmmt^m^u (ks t) j&^fijc-rsxr-y 

Bul2Bi^SI (Ks t) tcJ;?.1g|ftx-^<DB|^{t: 
imiC^orS^mtf—^ ■• Enc (Kst, DAT 
A) ^^fiStfST.x-yT'i:. ijIHSWiKOBg^JftStcji 
ffltfcBl^^ (Kcon) *s MI2Pg]i>y V-<0±fi^ 
-^TffiKSOy- F+-S/c«';-7+-(0'>^:< i: 50 
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Bi^{bbfcBi^iix-^^4fi)t-r^;^f--y7'i;, Bfii2Bi 

Jlt. Bul2^5afb+-7"D-y^ (EKB) t^. 151212 

gj«wc^g*rt-r57.T>y7'i:> -^mt^ct^t^mtt 

[0 0 4 3] *||B^(D^6(D{|i|ffiti. ItSOS 

^-StS^smSS* -7 i: tfePga^y U -Stii^Sfig 
U-7+-i:A^e.^5x/W7.7-K+- (DNK) ^ 

*Si^u/ci2ti^si:> Bmi^W(DmmT-^<Dm^^m 

fuB2IBISI«i*{ctSiN^;jn/c1S^7=-^£DS45!ia>g: 
fe-tj-C. Hua2:/o^-5A{i. Hfit2l2^^Si*t*S*fl Stxfc 

BuSBPiJi^y o-(D±&.^-^Tmm(oy-]^^-i^rz 

« U -74^-(D'>^c < i; fei/^-fn^^^^ty^^-tc J; OBg 
mtLtc^^it^-fuy^ (EKB) ^BuS2r/W7. 
y-K+- (DNK) «rfflt/^T«#LT. 

7'P-y^ (EKB) ic^mtntc^myo-m^m^m. 
mt^xT-y^t. m&mmwiz^mtEtircmtmB 

atium^a (Kcon) ^mmt^7.7-yz^t. m 

l21fffSS4SBi#«0@#ffl{cWtT/Huf2Bi#il (K 
con) ^iifflL/cBg^^aa^HtTLT. mif2^&$fix- 

^icjgffl-r5«#si (Kst) ^4fi!cu mm^m (k 

s t) tC.t^^SlrtBf^lkr-^' : E n c (Kst, DA 

TA) (om^mm^mn-t^7,Tyzft. ^mt^nt 

[0 0 4 4] *i3, ifmn<r)-:fu^^^ut. ^ij^tf. « 

5 (if*, 0>Rtfs CD-^FD. M0*ir<0|B1i!i{*K:^ 

if fC J; o T t lim^Hg^ y P AT-« S 0 
[0 0 4 5] C:(Di^^7'Pi7^A«, Z^U-ty-^m'M 

[0 0 4 6] *%B^<D^P>{cffitDBW> 1t^^fiJ;^ai> 

m^j:Mmic^-oxm^Mzrji^xs>?>^o 

[0 0 4 7] 

r- ^^aSv-Xr AtOjiffl Rltg& p >f- y ^y Eft v-Xt^ 
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SfS L fc 3 y X > >y ^jE^Stc f6 c T L T . iifix- 

^-;^>yM|(0*'y h7— 5'%:n-tT. SSVMi^^'J 10 
7!7-K. DVD, CD, ^(DimsB,^mW^:frLXm7 

[0 0 4 8] nyxy^yffiffi^Sl Oi:LT{±. -fy^ 

BHfB!ffi*i 4^*^feD, nyxy^yffifgiS^i 4A^p)© 
3 y T y 'yM Acoi^t y U ;«J- K * if CD 'J A-/-^ 
:/;Haitgg 1 s^nyr y^ylBfiS^* i 4 tc-fr-y h L 

[0 0 4 9] T-*-^SaiI#g2 Of^Dr-'WXilbTfi, 
/^-V-f^l/aytfa-:? (PC) 2 1, 4^— 
'fx (PD) 2 2, m^nm. PDA (Personal Digit 
al Assistants) ^O^^IiggZS. DVD, CD7°1^ 
-■ ^^OieaS^tl, '^•-AiS*2 4, I5SS^S@2 

s^iA^fe^o cne.x-^j!as^©2 oo^T-vwx 
m t/cti, T-mw.^m.of)^^m.m^mx'$> . so 

[0 0 5 0] f—^Bm^mOlCii. 77-y->a^^- 
'J^dlBti^lS^li^/cD VD, CD, tfc, Bf^MS 

LTf4:>(^>JX'f'<"y^' (Memory Stick:^^,) ) *iffc 

[00 5 1] x-:?j!aa^lS2 0©^>!?li, BIA tfcn 

[0 0 5 2] *f|B^(Di^7,xAtci3l^Tl4, n^rV^y 40 

ii^g3otctti:'3bTte*fl-r5i^, fcit;, ^vx^^y 

BiA^{cnyry^yEfiiS5|5l 4 cDrtgp^ tctSJrtt 
nfc 3 y T y >y ^ 'J A-/ ^7;H2«Sa(i:*SiS^-r i) 1^ 

fc, f^ST'fiffflfcgj^-rsiiy-ry^ywBg^ibjaa^^ 

[0 0 5 3] mzifC. j-^ge^^nyry^yx-^O^i!) 
^mm^^-to ia2t^f->X-rA{4, nyxV^yiEM 
BSASS^KSOi:, nyxy^ytDIE^SffllA^^tTLTi/^* 50 
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l^r3yTy'y|fiEMPiA4S*6 O^^L, nyxV^yiE 

MSiAi^* 5 0 let o T^A^nfc =1 yf- y >y /(j^^j^if 

7 ^ <y ^ * U * if St^^l ?:F«9 
W. L fcj:< ^ U * - K (M^ If ^ t U Xx -C-y (Memory 
StickliSS) )^(D>J A-/^7;l/ieiSSfi5 2%/^LT 
3yTy7|^iE«A4S*6 OtCioTflJffl^rn^nltl 

[0 0 5 4] ayTy^yiE^iBgAS^*5 oti, -fy^- 
>-y MF0[)^-y>7-i', «IS|51i||%^>LT, $)§i.H4 
a yr yymm^^ 4 o {c U A-/^7';HS1iSS 5 i ^ 
■fe-y hLT:^-— ri'^tr'-iSf, H^r-^^, 7p^"vA' 
yx y^y ^tS^-Ti. * if osaa^ii 3 yx y 
'y(DliA^tT^3 c ii7b^T'*5c cnatDny-ry^ya 
^^tffi^mo fc:i— tf tffl^^ns yr y^y T-fe 
ofcO, ^^cDSSa— if[Biitti:S^,$ti?>3yxy7 
jb^^SnSo nyTy7iEM^A4S*5 0(i, (i, ^y 
xy7x-^^i|SiM-r5{cSfcoT, j^JStfSUT, it 
- (f X 7p / ^-Y ^*<D X h n y e :x -^f i; ©MT^MESQ; 

a*3 t;is^5aa% if 9 o 

[0 0 5 5] nyry7iE^i^A!^*5 0{4, iE^g*# 
ggt tc J: D ^A b/c n yx y -y ^rtSP^ ^ U tc^SIrt t T 

s^f^saaA^niBg-efe^o *fc, mx^yy'yy^v 
A-/S7;i'i2iis« 5 2 tc^sffl-r i>Mat RiegT-fe t) , 

cn%3yxy^y|^iEM0IASiS*6 Otc-b<y h-rSili: 

tmmxh^o S/c, nyxy7iE^igA^*5 0*^3 
yry>yiHffiiffl*4 o{c-t<y H Lxayfyyomx^ 
It* o U A-/ ^7;H21SSS 5 1 ^HS^n y-r y ^y If 
iEmWASffi*6 0t-b«y h-r^ii i: tBJtgT'feSo 
[0 0 5 6] ^^B^Wi/XxAtCtSV^Tti, cn5.<Dn 

yxy'y#iEMmAsiS*6 otc-t-y h^n/cu a-/^7 
;HB1iSM5 2, f fc»U A-/^:^;l/iB1iS®5 i 
cDnyxy7S^%gfltL, nyxy^yjE^iSASS^S 

0 tciov^To*s4Bitgi:-r 5«ia*^*sn5o 

[0 0 5 7] E2{CS-rUA-/^7;l/fB1iSg5 1, 5 
2 {d^sf-r 5 n yx y^y iE^gl»A4S* so* /cl4, n yx 
y 7iS{fi«*A^ e. CD 3 y X y >y X- (DtSlflo^tc « n 
yxy>y<Dst^{bSaaA^*fT^n, Bg^fbnyxy^ycD 
^^jaa^rn yxyyiE^AiS^K 5 0 fc*3i^T<D^^Rl 

'D\^^xmmt%c 

[0 0 5 8] i^-mmmi&t bro^y u- (*) ^iit 

tov^T] ±aiCD<};7^3>7"yytc^-r5Hi#Mc 

jiffl-rsBg^Si, ^jxt^ny-fy^ycDBt^saatcjiffl-r 
sayxyy^-, Si'-ctipyxy^y^-^Ri^fb-ri) 
fc4i)<D3 yxy'y+-B|^<k4^-ll<D«'«?^:Bg^5!ia+ 
$i^{clE^*5-Y-feyx^ifOx/^-i'XfcEffi-r 

[0 0 5 9] 0 3(DgTSte^N-r-f y^^o~i 5*^ny 

xy^yx-^f(DS^, mn^'iiiio'f—^mm^mzo 
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[0 0 6 0] §r^Wxo~i 5ti, iaJiBtfeS^,^^itti 

■rso <:ne.+— b>y h^x/wxy-F*- (dn 10 

K) l23(O«Tgti:^-rK0 0 0 0~K 1 11 

1 Jb^^x/ W 7. 0 ~ 1 5 tC^n^ntJ (3 ST 6 n/c u - 
7+-^feO^ S±SODK root 

-:Kroot~Klll K4^-i:-r?)o 

[0 0 6 1] Hatc^-r-yj-SfiSctcfev^Ts m^i£T 

/WX0t±';-74^-K0 0 0 0i;. /-F+-:K0 
0 0. KOO, KOs K r o o t ^x/Wxy-F^- 
(DNK) i:t-Cm*-r5b x/WXSaKOlOK 
KOlO, KOK K0> K r o o t^x/Wxy-F 20 

^r- (D N K) i: Lrmw-rso x/wx 1 5 ti. k 1 

111. Kill. KIK KK Kroot :^t/U 
Xy-F+- (DNK) tLXm^t^c ^*3. 0 3® 
'y U -fC«x/U X;^^ 0 ~ 1 5 © 1 6 <i<D*iai8$ n> 

^y u -liJi 1 4 $m^(Di^'^(D t n/cS*mii^ i: b 

fig^n, Sfc. ^yU-©#g|5{C*3t/^TS*5SISfllfi!t?: 

[0 0 6 2] ttc. ia3©^yy-«ii{c^in?,#-rv^ 

5 W X{c«ffli S a^cS^^ nfc 7 7 «y a 
^tU^^^fflLfcyt'J*-F. DVD. CD. MD 

snri^So ^^K. «i>5?*77'';y-v'3>-9--ex 

7 7 'J -5^— > 3 >«±t?¥«^(0±ic 0 3 tc^N-r :/T > 
>yfe?.i>{iil6SflJ«fi£T'S?.P§H^y'J-«ig*M$n 

[0 0 6 3] c:ne>«D«i'5?^x/wx. ryuy-v/a 

^^*^«1?-r-5>^Xri:.t*3l/^T. 3 ©BUST'S 40 

h.rm%. -r^tj-^x/uxo, 1.2. s^srisi-tDfe 

{f . C <D.^.*S-(?H A.fc ^Ol'- t # S n ^ X ^ W X tc 

WtTti. Si:46T. «ii(03yxy>y;&Bg#{bLT7'- 

DM^r ^is'^m^Lfz t) . §x/ w x«afci^ffl-r 5 3 

y^y'y^~^m\-^Ltz*) . feSVHi§x/Wx*^5)7 
W ^'^5 iHij^iSiJM^fc n vx >'yi^ife©mx 

«l. §x^UXi:<7)x-^3MSffl%fT*9^Ma. 03 50 
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^D^ilST■H^fcm\ t^^-^r'WXO. 1. 2. 3 
^ 1 o©^*;l/-7'i: LT-lSLTx-^%3SI#-r?>«iS 

a^iaii. =&x/wx.hcDx-^fj3^^fi^ff^^^M 

(i. ^•y-b-v'x-^'gBffi^lS^tTil^-r^o 
[0 0 6 4] ^*3. y-F4^-. ';-74^-{i. S5 1 
y ^ i o TMtS LT LT t i i/^ L. 
&^*;l/-7(c^<t-r 'Sfll'^? 'S:x-^?)M§{i%^T* 5 7'D/'; 

-F+-, U-7^-«0iJ^tf+-<fii?S^'^^o{i:M 

[0 0 6 5] CcD^y';-^3ilC*50->T. 0 3 A^&^e*;^)^ 
^.fcai;:. ioo^Vl'-7'ti:#$n?>3oOx/WX 

0. 1. 2. 3tty-F+-i:LT«ji<O+-K0 0. 
KO. K r oo t*{S#-r5c COy- F+-i±W1ifi!c 

x/wxo. 1, 2, 3<omtm^t^^tt>^^mtiSi 

Tct^ii. «ji(c«wr5y-F+-Koogf*^ 
nyx^^y^-iiLT^^-rntf. mtcrjimmi^nn 

■rSiii:^c<x/WX0. 1, 2. 3a)it^{cttji©:3>' 
xy'y^-O^^j&^RlHgTfeSo ^/-c. «T/c:&nyx> 
'y+-K c o n^y-F^-K 0 OTBf^ftL/cfflE n 
c (KOO. Kcon) ^. ^-y hU-'^^frLX^^ 
\,HisSmi^WicmfitiLXr'fUXO. 1. 2. SfcE^P 

•rntf, xvwxo, 1. 2. 3(D^i)\ ^n?"nox 

/WXtCfc-O^TiS^-r^rt^y- F^-K 0 O^ffll/^T 
Bi^Enc (KOO. K c o n) ^g?t/^T3yxV-y+ 
- : Kc o n«:t#i)(:i:A^Bitgi:;&5o Sis. Enc 
(Ka, Kb) {iKb*Ka{cJ;-pTB|^{l:L/-c:x-^ 

[0 0 6 6] tfc. t fi:*5V>T. x-'WX3<0 

PH^t^m :K0011.K001,K00,K0.Kro 

tt/^^MLtcm-^. ^nm. ~>XxiA (x/^l'XO. 

1. 2, 3«o^;b-7') t?SI^{i$nsx-^;&g=5fc 
i6{c. x/^-('X3^>'XxA*^e.^osi-r'i:wfe5o 

^(Dtclbiai. y- F+- : KOOl.KOO.KO.K 
root ^^n^^nfffc^SK ( t ) 0 0 1 . K ( t ) 

00, K (t) 0,K (t) rootfcMilt. X/WX 
0, 1, ZK^CDWSx^-^^^^iiMtl^h^o 
X\ K ( t ) a a a (±. UK a a a ©ISf^ (Generatio 
n) : tOmf^^^-X'^^Zt^Tnto 

[0 0 6 7] Mi^+-^oE^^aiI^c-^l^Tl^Hg-r5o + 

-OMirti. fiaj^fi. 04 (A) Kmt^mt=^-7ti 
v'P (E K B : Enabling Key Block) i:iq^{fn57n«y 
^x-:?^*-y F7-^^^LT. feS V^lif5@$g#{C 
^gJrtLT#x/WXt«±if&-r5Ci:ti:J;oT^tT^n 
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§o ^mt^~yay!7 (EKB) ti. MST+-^Hi^ 

(EKB) +-Mfr7P;y^ (KRB :Key Renewa 
1 Block) tmiix^ct^&^o 
10 0 6 81 m 4 l,cmt^^it^-'^^y'> (EKB) 

msim. trjiiot,. ia<?)-r/W7.y-K+- (dn 

K) %ffll/^T«#PlHl^x-c5^1Sfi!c^ifOEKBT'« 

0. 1. 2lC*3l>T^ 1S{^Ct(DM#f/-K+-^gE^p-r 10 

2. C i: % a W LTJgfiJc^ nfc :r D <y ^ T'fe . 

x/wxo. 1. 2©wr^#x/wxy-K+- (D . 

N K) ^fflV^T«^Rrtg%X-^S^*^Oo x/w;^ 
0. r/UXH4. W?i){b+-7Dy^ (EKB) (DW. 
WltiD^ Mfi/-K+-i:bTK (t) 0 0. K 

(t) 0, K (t) r oo ti)^m.n-&n. t^^UXZ 

ii. Mff/-K+-i;tTK (t) OOK K (t) 0 

0. K (t) 0. K (t) r o o t /!)^^t#^n?)o 
[0 0 6 9] 0iJ^t^> 04 (A) <DEKB{C^$n5<J: 
9 1 E K B {i:«1ta©m^{ki\^-*^^*ni.„ «TS© 20 
Bg^{t+-{±. Enc (KOOlO, K (t) 001) 
Tfe§o cn(ir>'WX2©^O'J-74^-K0 0 1 0 

icj;oTBg^{b?nfcMiTy-K+-K (t) ooit- 

£DBg^{k+-^«^L. K ( t ) 0 0 1 ^m^^tti^T 

t^o s/c. m^icx^mrcK (t) ooi^fflv^r, 

04 (A) CDT*^e)2SgOBg^{t:^-En c (K 

(t) 00 1, K (t) 0 0) ^m^^mtr^*). wm 
y-K+-K (t) oo^m^ctfi'^'ct^o mm 

:k. 04 (A) <^±A>5)2iai<DBf#{t:+-E n c (K 30 
(t) 0 0. K (t) 0)^m^L. M3&f/-F4r-K 
(t) 0. 0 4 (A) <D±*^5) llSa<OBg^{l:+-E n 
c (K (t) 0. K (t) root) ^m^LK (t) 
r oo t^tf^io -:^> f-'WXKOOOO. KOOO 

Hi. y- K4^-K 0 0 0 tiSif-r^w^tc^$nT*5 

^t. mm/-h'^-tLX-Z''m^j:<Dli. K (t) 0 

0, K (t) 0. K (t) root X'h^o f'/WT.K 
000 0. KOOO Hi. 0 4 (A) <D±*^e>3ggCD 
Bf^{k+-Enc (KOOO. K (t) 0 0)^«^L 

K (t) 0 0. ^^#U JMT> 04 (A) <D±i}^^2 40 
ISi<OB&^^k+-En c (K (t) 0 0. K (t) 0) 
;&«^L. MfT/-H^-K (t) 0. 04 (A) <D± 
A^P) lISS^OBf^fk^-E n c (K (t) 0, K (t) 
root) ^^^LK (t) r o o t^t#i.o IKDX^ 
fcLT. x/WXO. 1. 2{iMiTLfcilK (t) 00 

1. K (t) 00, K (t) 0,K (t) root^llS 
Cltjb^T'tSo ^c4b\ 04 (A) <0'l'y-r<y^;^a. « 

[0 0 7 0] 03{cS^-r^yU-^giS<7)±lsiSoy-K^ 50 
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- : K ( t ) 0 . K ( t ) root OMfT3b'!^ST'35 
0 . y- F+- K 0 0 «*<DgfrMSA^'2->gT'365^^ 
{c{i. 0 4 (B) (DM^it^-ytiy^ (EKB) 
1/^:5 Ci:T\ Mffy-F^^-K (t) OO^r-'WT. 
0. r. z\cmf^t^^tti^X^^o 

[00 7 1] 04 (B) tC^-TEKBti. m^^f^^<D 

■r?)^-&icfijffipiHg-ea5?)o :RWJi:UT. 03 fc^^ 

T'^-r^^l'-yi^fiDx/WXO. 1, 2. 3*^fe<i)gB^ 

(t) c o nA^£>S-e$.5i:-rSo x/WX 
0. 1. 2. 3©«3i(Dy-K+-KO O^MirtfcK 

(t) 0 0^fflV^TlPrfc:^«ji<OMIlT3yx>-y4^- : 
K (t) c o n^m^fbtfcx-^E n c (K (t) 0 
0. K (t) c o n) ^0 4 (B) iZTT^tEY^B tt^ 

[0 0 7 2] f^t)*.. X/WXO. 1, 2{iEKB^ 

m^LxntzK (t) oo^ffl(/^T±fEHi^x*«^-r 

nt^. tB#jf^.TCDn>"r>"y+-K (t) con*#5 
[0 0 7 3] [E K B^Mffltrc3yf-y>y4^-©SB 

^U] 0 51;:. t^^T-i^n^xv^y^-K (t) con 
*'fi§5Hafi?iJi:LT. K (t) OO^ffll/^Tigr/c^^^ji 
<Dr3>x>>y+-K (t) c o n«rBi^fbLfcf--^?E 
no (K (t) 00, K (t) con) i:04 (B) \iC 

E K B tmm.^w^itx.r^mLrzTfUxQXD 

ffla^S^to ■f^ts-^EKBtcJiSBg^fby-y'tr-i^-r 
-i5f%ny-ry^y:^^-K ( t ) c o n i: bfcPT'fc^o 

[0 0 7 4] 0 5tc?x-r<j;9ic. x/^'r;^oi±. I5§8i« 

mn^^-^nX\^^^m\X ■■ t^;t<OE K B ili:^-*^^?. 
*^i;J6tSJftbTV^i.y-H*-K0 0 0^fflV>T±Kt;L 

fci:i5Hi(0E KBiaatit). y-K+-K (t) oo 

;£4)?!t^^c a^t/-cMiffy-K4^-K (t) 

0 0^ffll/^TSfr:3 >-r>>y 4^- K (t) con^S-^ 

+-K 0 0 0 or'Bg^{tLr<s«fl-ri.o 

[0 0 7 5] [E K B<D>'*-V>y h] 0 6tC#5c!l{l:+ 
-7n-y^ (EKB) C07;i--V>y H^J^^x-fo /^-v* 
3^6 0 Hi. Mmt^--r^'y<7 (EKB) ©/^-v' 

K B ^sisj-r i.titg 1 3 >x y -y i: <^mK^%5^-r^ 

e^^^Oo x^xti. mMt^-':^^"^^ (EKB) <0 

Eflj5tox>'WXK5^-ri)KJi^y u -(DPgetic^^-ro 

r-^;}^^>^?6 0 3(i. W5<l)fb4^-7P 7 ^ (EK 

^oiie^^-r d^-r T'fe 5o 

[0 0 7 6] x-^fg|56 0 6{±. eiJ;^{i*Sfl-r§y- H 
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[0 0 7 7] 9V^e0 7li. x-^?a5(cti^$nfcBg 

5e ^TT'ti, x-^fi:tT5tfC04 (A) T'lftB^Ufc 
W^{b+--/D'>'^ (EKB) %i^{^-r?.0IJ^5^bTV> 
?>o dcD^cD-r-^^ti, a 7 cog (b) (c^-r«t'5{i:* 

-h+-©M«T4^-K (t) V o o tift^nXl^^O) 
r\ h>v7'y-K7KU7.ttK r 0 o t i:^i)o ilOi: 
m^l£m±m(D7'—5' E n c (K (t) 0. K 

(t) roo t) 07© (a) ICyfit^E'y') 
7i<t&SiiCib^o !1CX\ -^(D'f-'^lii. Enc (K 

(t) 00. K (t) 0) T'feOs 'y';-±T'ti:Hfi©T 

0. 1 A^iSS^nSo ^^"ti te (L) ^ 

^\ (R) ^^'} tLXWC&^n^o a±g®-r-^ 20 

Enc (K (t) 0. K (t) root) cOStttx- 

^n. 07 (c) KTT.tT—S'm. fcitf^f^WSfiit 
[0 0 7 8] ^'^'li. ■r-^' E n c (K X X X, Kyy 

— 9Enc (K X X X. K y y y) . . . ti. ¥^(CBi 

ct oTt-^j i: Lxmi-srircs§mt^-(Dy u 

0 : En c (K (t) 0, K (t) r DO t) 

00 : En c (K (t) 00. K (t) 0) 

000 : En c (K ( (t) 0 0 0. K (T) 0 0) 

(Di:o^j:'f-'5'mfiitt^Cti.'Sjmx^^t)\ Z.<Dii 40 

[0 0 7 9] laetMoT. EKB7;t-V-y MCOV 
T?e>tClttH^-r§o (Signature) tt. W^{b+- 
7D-y^ (EKB) ^f|?7Lfc{?iJ^tf§ISa-tr>^f. 3 

yy-yyu/u ^\ '(mwmmtmm^n.^f-m^X'h 

■So EKB^S^t/'CT^W7.«S^mti:J;^TiEa 50 
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r^mMt^-^u-y^ (EKB) Wn^if^WnLrc^^ 
{b+-7p-y^ (EKB) -e$>^ci:^fitig-ri.o 

[0 0 8 0] [EKB*{ifflL/'c:3yr>'>y:^r-*3J:tf 

^ E K B i: i: t icmi^t^mic-oi^'Xmm Ltzt)\ n y 
T yy^-Xfi^mtbtz zjyy-yyt. yf yy^- 
«^^^-xs§^itl■rz=lyy-yy^-t. EKBtcj;^ 
x^^mtLfc 3 yy- yy=i^-«m=^-^^-^xmnt^ 
mmi^-D\^^xi;iymmt^o 

[0 0 8 1] mSiCZ.OD'f—S'm^^^to 08 (a) 
^C^■f1ifi)^^c43^/■>T^ Enc (Kcon, conten 
t) 80 1«, uyfyy (Content) ^ziyj-yy^ 
- (K c o n) X'ffBmtLfc'f-^X^'!). E n c (K 
EK. Kcon) 8 0 2ti. ayfyy^- (K c o 
n) ^nyxy>y+-Bg^+- (K E K : Key Encrypti 
on Key) XB^itbrcr'-^Xh^.. Enc (EKB. 
KEK) 8 0 3(i, n>'-f>'y+-B|^+-KE K«rW 
^{k+-7P-y^ (EKB) K^^Xm^itLfcT'—S' 
Xh^Ct^TT^iTo 

[0 0 8 2] dCT'. uyy-yV^-^^^-Y^EY. 

0 3T^-r/-F+- (KO 0 0, K0 0 ••)^ $) 
§l>{i;U-h4^- (K r o o t) SttT'feoTtJ;<. 
Sfcy-K4^- (KOOO, KOO ••) . ^ySl^ti^U- 
(K r 0 o t) {C<fcoTBi^{k$n/c+-T'a6-3 

[0 0 8 3] 08 (b) W^<0':yyTyvif':f^T ^ 
T\Z^m.-Zi^. ^-n^nS^I^CEn c (EKB. KE 
K) 8 0 S^fiJfflLTV^^^-a-tDSfilt^lJ^^-r^ C(D<t 
9*1ifi!;tCfct,^Tti. #x-^fi:|p|i:E n c (EKB. 
KEK) %#ibP-r'5C^^<, Enc (EKB. KE 
K) tcy:/^'f 5U>i?$t^^-rx-^f^#r-^(cW 

[0 0 8 4] Hgtcn^xy^y^-Bi^^-K E K^. 

03lcS^-ry- K+-K 0 O^MSPrbrcMfT/- 

K (t) 0 Oi: tTlifi)cbfc^^CD«?lJ^S^-ro coif 

0, 1, 2fC^tfLT09{C^-r (a) Wm*-7"n'y 
^ (EKB) i:. (b) n^xy^y*- (K c o n) ^ 
nyTy>;':^^-Bg^i|^- (KEK = K (t) 0 0) T'Bg 
mtLtcT-'—'^'ts (c) ayr>"y (content) 
yy-yy^- (Keen) T-Bf^itb/cx-^ i^^SEfl 
■ri.ililtcJ:0. r-'^'l'XO. 1. 2(i:ny-r>'y%# 
Sc:i:*^T'#2.o 

[0 0 8 5] H9«DfeiJ(Cti. T/UT^OiCiSlf^m^ 

^m^^-Lx&^o x/wxoti, s-r. SMb/c^ja 

fk+-7P -y 6 &M<DU^t 5 'J - 7 +- KOOO 
^fflv^rcaWltcJ;*). nyryy^-BI^^- (K 
EK = K (t) 0 0) ^gS?#-r§o i^JtC. K (t) 0 0 
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{i:J;§«^fCcfc!3 3>'f:y>y+-K c o n^KtfU ^ 

€) tc a yf-yy*- Kcon(cj;»33 <D'«#* 
s^aa^JiT' E K B ^mmt^ cticx*). ='yy' 

(KEK = K (t) 00) ^fmt^Ct 

[0 0 8 6 ] 0 3 IC^fffitD-^'^b— y^Ox/'v-l'T. 4 . 
5. 6 --«, COIllfilOr-;? (EKB) ^S€U/ct 10 

•r*t>^x/Wxy-F*- (DNK) ^ffli/^rn 

yxy>y+-Hi^+- (KEK = K (t) 0 0) ^m.m 

•t>yh^ -r^b^x/Wxy-H*- (DNK) T'{±, 
nyxy*y+-Bg#+- (KEK = K (t) 0 0) 

[0 0 8 7] !l(Oiio\t, E KB^^iJfflLfcnyf-^'y 20 

i^lciE^lf fimo*^/!)^«^Bjtgi: L:rcBg^{tn >x y>y 

[0 0 8 8] fsjs. mmt^-fny^ (EKB) . n 

yy-yy^—. Bg^fbnyf-^'^y^ti^ ^>-yF7— 

{C^-yviy^ (EKB) , n^-rV'y*-, Bg^ft^ 
tc1^$tifj:'t55!i{t+-^P -y ^7 (EKB) (Da^lci 

^} t# e. n ^ 3 y X y -r 5 ^ tc^^tn 

(f, ^toiES1tfim(D*AWWT5U-7+-, y-K 

^-^z^^oX(omm^m^s.v^^\t^ >x ^^y ©gs^uja 

[0 0 8 9] 01 otiZimuw^cs^mt-^iyT-yy tt 
(EKB) ^m]Ltcmm\^ 
TT-to mi otc^r^jicfc-v^Tti, te^^i^fcnyxy 

yci~C4ff^mm^ti. $5>tc§tSJfla>x>«y{c5^ 40 
fSf i.(D*^{b4^-7D .y ^ (EKB) ^m-^mftcT' 

>y^ (EKB_M) A^1§tt^nTV^5o fi«JA(fEKB_ 
1 linvxy^yc i;&Bg^{bL/i:nyr>'^y+-K c o 
n 1^5fefi)t-r5<Ot{j6ffl$n. m«EKB_2tt=iy 

7-yyc 2*ai^{tLfc3yx>^y^-K c o n 

^{b+-7p-y^ (EKB_M) *'«tBSJj«Wct8iW$n 
T*5 0. nyxy^yC3, C 4 fi^m^^-rn -y 

(EKB_M) {cm{tite.nTi/^§or\ so 
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70 -y^ (EKB_M) commc^oayT-yycs, 

c Aoyayr-yy^-^mWt^ztti^T'^^o EKB 
ei^mc j; siHflfc o T^-n€n<D3 y X y >y 4^-^ 

«#-r5fc46{Cj2.S:&EKB_l. EKB_2^1Sjff-r 

[0 09 0] [pgS'y V -mM(D:^7-d U -^i-SI] ±xR 
L^-ci^lc. ;U-F^r-. y-K+-, U-7+-*^e> 
!S:503<D|iiS'yU-«3i^iSffl-r5ci:T% Dy-fy 
>ysf^{i:{cjiffl-r-5=iyxy^y+-<D*^*e)-r\ tss^ 

aE«aStCjiffl-r^^liE+-. iifflx-^f©?5jS^x-y^ 
m^^mt LXmm-r^ I C V (integrity Check Valu 
e) fei)l/Hi7'P^*9A:3-h\ y'—^m^ 

mmt^-fti-y^ (EKB) i:i:ttHi^{ktTSH{i 
■rsci:*^nItgT'^So y-F+-^l*«§L 

[0 0 9 1 ] 0 1 1 tpgS^y U-®ji<0*-rrfU-O^ 

±gtc{4. F:^^-K root. 1 101 ■b^'^t 
n> \:XV<D^mL\z{t/-Y^-\ 1 0 2*^^S^n; 
STStcii. 'J-7+-1 1 OSA^^^^n^o 
'i'yfi{@>J?(D';-7+-i:> 'J-7+-75)^?);l'-h4^- 

[0 0 9 2] J1<1T% -ff!li:LT«±S:*^P)^MSB<0 

fei>y-F^;?JxaUy-F 1 1 0 AtLXm.%t^o 

■r * fe-s^MS a © y - F(D#>5? ^!|t^:<3 7" u cDx^ 
-rx^^y- Fi:-rs„ ^Mm<o i o«Dy- F^iHj^i: 

LTJ.XT> M+ HSJ-;(Toy-F: ';-7li. ^O^r 
rf'J {c-t^n-Sx/WXtcM-r-Sy- Ffeitf U-7i: 

[0 0 9 3] mifSl lcD^Mgi<01O©y-Fl 

1 OStcfi^rnU [yt«jy.x-y-r^ (SS) ] 
^sn, <i(Dy-Fi^Ttca^sy-F. u-7«yt 

'J XT «y -r ^ ^filffl bfcfil>«r WX*^?y*T :f U 

*ffl<?)y-Ftfcf4';-7i:bT^S2n§o 

y-Fl l0 5iXT^^ y^ryx-r-r-y^to^fjf-rf 

u{i:s«?n§x/wxoMay-F. *3.to*u-7<o 

[0 0 9 4] $P>{C. Ml5A^?>ISS^TtiiOlS*+f7* 

rrfyy-Fi i oQthxwLmt^zhti^x^^o m 

A{f@ic5^-r<};^tc*xrru [y^-UXx-c -y i^] y- 

Fl 1 0 5®2lSTOy-F(C, y^UXx-c-y^^lS 
ffl L r / W X CD * X rf U {c # ^ n § -9- 7" ;^ X U y - 

vtLx. m^mmm oy-F^^^-r^c ^e. 

tc. •9-7";?7xrfUy-FT*fe5S4l|fflS'0y-Fl 1 

^Hg{tt«is«Dy-Fi \Q7t,m%^n. $e.tc^<^ 
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[P H S] y- K 1 1 0 8 i: [SI^WS] y- K 1 10 
Q^m^t^Ctt^n^c [PHS]y-Fll08 

[0 0 9 5] Axrfy. ^t:r;ijxrrU(i. 

77'n/W^f\ fil5igilM^*^34Stcl[iI-r^y-h\ t 

xrfu y~K^y-i.!B^^-*-<o)R^-r5y-A«s 

f§XYZ^ffl(D]S^y-Ki:LT^^-rnif. y-;!?- 

©i55i-r-5y-A^ggx Y z ic^oymi^/- hotpot 
tt#a+-<DEffi, MiT5!ia^> ^(om^y-K^-j-x 

^-T^Dv^ (EKB) «r^fi!tLTffi#U iMy-K 20 
aT<7)X'' W ;^tc W LT<^i?^tf ijfl3 pJtg^x- ^ A^BBffiRl 

COO 9 6] l-D(Dy-\^^lMj^tLL 
T, Ji(T«Dy-K^^<D]M^y-Rc«SSnfc*x:J 

'J, fe5VHi-9-/*7"rfU<DMay-Hi:bTiS^-r5 

ri'js<^iooisjsy-K^^a-r5y-*-s 

ruy^ (EKB) ^ailC^fiKUT. ]S.^^y-FJ.;(T 
fcSt5T^WX(cEfi-r5«^^^plHgi:*0, Il.'^y 30 

[0 0 9 7] [®lBSEKB{Cj;5:^^-gE^1tlfi!c] JfeKlU 

y-K4^-«rfflV>Tm^Rltg^#%{k+-7D>y^ (E 

KB) ^afe«LTji«-r?.o mti01 2 (a) iCTTst 
'yV-mmcis\.^X. 'J-y^m^t^y'^UT.a. 40 

a. g, j ©#y-KlCfca^T«^nl8g*^f^aj{k 
+-7a>y^' (EKB) ^^^LTBBff-rSo 
[0 0 9 8] PK.tfSlfT;l'-h+-K (t) rootT- 
n>r^/'y^-K (t) c on^m^fkJaaU EKB 

a. g. j«, ^ti^nA'tBi 2 (b) ^c/T^•ru-7^o 

cfctfy-K4^-*ffll/^T. E KBcDSaa^-^frtTK 
( t ) root S^^f LfcMfr;!/- h+-K 

(t) r o o t {CioTny-r^^y^-K (t) con 50 
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««^$aa^^tf urn yf- >'>y+-^t#i)o 

[0 0 9 9] C<D^-&tC}i«$n5^m+--/a-y^ 
(EKB) (Dffifigf*. 01 3{i:^-rJ:9tC:&§o Ell 3 
(c^-rW^&{[:+-7"a-y^ (EKB) ^t^HeTHfi 
B^UfcWJa^k^-lTD-y^ (EKB) «7;t-V>yh{i: 

TiiB^Lfccfc^tct (L) . :& (R) . ^n^nco:^!^] 
{cr-^*^$>n{f 0, »jn{f 1 %^LTi/>5o 
[0 10 0] ^mt^-fuy^ (EKB) ^SML/c 
T^/WXfi. W^{k+-7"D-y^ (EKB) (DB^mt=^ 

-t^ </icao*o^T. iiii^Bi^{k+-cD«^Ma^*tT 

LT±fiy-H<OM»r+-%B?#L'Ti/^<o 01 3fi:^ 
•rJ:^tc. W?Mk=\^-7n-y^ (EKB) ti. 
P.';-7*T'CDIS^ (x^X) ^©x-^f 
«{ili*PbTi^<o ©IS (f'y7.).li, xMVX («;- 
7) StfSUTJi;*:^ 5t>O-efe0, ^-^T^SBISfti:^ 

EKB©r-^a*^^e.K 

ti;*;-r-l. elite ^fe^o 

[0 10 1] c<OJ;3%W5Sjfk+-7'P-y^ (EKB) 
m 4t±. Wa{k^-7D-y^ (EKB) 

[0 1 0 2] 01 3i:lRl«. 'J-7^«fi)tf5TVWX 

a, g. jiciciLx^-. m^i>£::tyf->'y^-^M^ 

t^^'^^M'^t^o 01 4<0 (a) iCTTs-r^oiC, * 

§0 01 2 (b) iCTntmrncm-^^^^rmrc 

rji^yv-mi^tLxmi 4 (b) (D-jv-mi^timm-^ 

tl^o K r o o t ft^e. K j f T*a^<^^e*^^< 1 OfD 
KO^i^*^#ft-rmf .i: < ^ K r o 0 t ;^)^&K afciO'K 
gtcS^rc46lc{i. KO{c:a-te;^%^fiic-r?.<o^T% 2 
5i-te«^O01 4 (a) (D^y'J-*^«^?n5c 
[0 1 03] 01 4 (a) KTik-tX^lC^ y-KtUT 

KO(D^^^Jtoffliit|{kLfc'y';-A^4^$n§o MSKt^ 
-mmrcib(o^mt=^-^tiy -i; (ekb) (i. <in 

?)CiDfailS'yU-fc»-cJv^T^fi!t-r5o 014 (a) (C^ 

•r^yy-ti. ^m4^-^p-y^ (ekb) ^m^^m 

4«y- K$fc« 'J-7^«TISi: L/C 2^lKS>y 0 

mn<orc)!b(DmMt^-'^^y ^ (ekb) ckdh 

ffiUPiii >y U -CD y - K ^ /c (i U - 7 ^ 

[0 10 4] ^fecD01 3Xmm\^rzMMt^-7u^y ^ 
(EKB) (i, ^U-7a, g, j *^?> K r o o t tcS 
§$T'<Df'^T<0+-^»i^^kbfcr-^%1S$l«!LTl/> 

/cA^ ®B§fkEKB«. SBg^kLrc-yy-^^fig-r^y 

-FtCOU^T<D*-<D8g^{kx-^*1gi|fl-r?>o 01 4 
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(b) {c^-ri:9tc^^'(i3tr-y h^ifiSt^^-rSo m\ 

£ (L) . (R) , ^n^timfhiC'r-^tl^h 

tiiio. m^'itilii^^sto m3#icOf -y hti. EK 
B {C Bg^f k^- A'StSJfl ^ nr I ^ i. A^S A^^^N-r /c i6<D 

[0 10 5] y'-'^mmm.' &^^HmwMWic^^-^ 

^' (EKB) {i, 01 4 (b) {cs^-r<J:9{;:> 0i lo 

(Dtrji^o 01 4{c^-r^?i){t+-:^D>yi' (ekb) 
%SmL/c§r/W7.{i, ^J^^'toms hie 1 

x/WXa«. Bi^{bf-^Enc (Ka. K (t) 
0) %U-7+-KaT-^^br, (t) 
O^mmLX. /-F^-K (t) 0{CJ;oTBf^{b'r 
-^E n c (K (t) 0, K (t) root) ^a^L 
TK (t) root^lXtff^o -r/^XjCi. Bg^^t 20 
r-^En c (K j . K (t) r o o t) *U-7+- 
KjT-ffi^LT. K (t) r o o t ^BJf#-r?.o 
[0 1 0 6] ii<DJ;9{i:, ga#$t©f'''WXti:iorcD 

mm ntcy v -^m^t 5 u - 7 *3 j; t>v - K(d+- 

(O^^m^'X^mt^-^xn-y^ (EKB) ^±lS.t?> 

cticx*^. '>*i^x-^«(DWm+-:/p-y^ (E 
KB) *4fi)t-r5iii:*^plB6i:*0, W^fk^-^n-y 
^ (EKB) (DT-^fE«*%^«I(C||tTnlH6i:%5o 
[0 1 0 7] ^tS. ffililSfbLfc|5gJiyU-1ifi!c«, 'im 30 
Tii^-r^X^'f -f-f-frnfitOE K BSJSi^tCfcV^T 

Sfilc i: t T CD 7 U -«fi!c=&«^t / - K ^ V^^i 'J - 
7 5. as? L rcmWi<Dy - K § V Hi U - 7 CD*^^*7 

mtn^T^U7.tim^-^xiso. m^i<m^<ox.yT 

-rx^^H^y-K (•9-7;l/-h) lz^^X±mLrci: 
(snitDSiBS^b Lfc^y y -^ss^ lt ekb ^^fS.t^ 

(EKB) (DifiSt. BBjiA^pJl^i:*5o xyf^'xl'* 

{iL<D^mmmc'z>\^'Xiim^X'mmicmmt^o 

[0 10 8] ^fc^ j:<Di3^cW5a){l:+-7"a-y^' (E 
KB) %'f^7.'7. D VD^©1f ffitBiS(®<*(c1S^ 
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xo^t^mt^-^tsmmt^-yuy^ (ekb) 
■^T^izmmmm^^rnx'^^o ^ffuxit^^it^ 

-Zruy^ (EKB) jc-t$n§B|#{b+-T-^*^' 

ay^ (EKB) ^^y^-^-.-y h^O^y b7— J'* 
[0109] [ U A-/^7MSS«f*ti:?tT5 f'-t^lB 

/cW5«!){b4^-7'n-y^ (EKB) ^mmLt^mmmc 
fci,^T> uy7-yyn±^m7-t^mmtLX(DP c, 
m^nm. n^mmicMLxm^^tEtjimmmi^ (ua 

-/^7";HStiaB) . fiRJ^ffytUX-f-f-y^^cD^* 

V ti- Y\zn-r^'f—^^mm,^-D^-^xwmt^o 
[Olio] mmmmBM^iixs'^nn^^mm^') 

<Dmm\^^<tfviy^mxh^o ^wmzi.t. pc. 

[0 1 1 1] -r-^JfJaaSHi 0 0{i. x>'^;l'M^<D 
AtB:'35aa%t7^oAaj;'D I /F (Interface)! 2 0. . 
7:>-a^-ff#(DAaj;'3SQa^t7^9 A/D, D/Any 

1 3 1 ^m7ifzXdi>f} I / F (Interface) 1 3 
0, Bg^Saa^lSl 4 0. ROM (Read Only Memory) 
15 0, RAM (Random Access Memory) 1 6 0 . CP 
U (Central Processing Unit) 1 7 0. rtSPp^^rU 1 8 
0 , A-z^r^HBItSl 200<OF7-r7"190«rW 

u c:np){i/^xi 1 oKi^^TffiSKS^^nTv^ 

[0 112] AW:ti l/F 1 20a, 51-ai5A^6^i^2n 

5-ri/^;Wl^^S:flt. /^x i i 0±{i:iiS;/3"r?>^;i; 
ttc, /^xi 1 Q±.<DT'y^)\^m^^^^\^. ^l-gptctb 
;':-r§o AtH:^ l/F 1 3 Oti. A/D. D/Any/^ 
-^fi 3 i;&i^i5tTi/^5„ Aai;^i i/F i 3 0(i, n 
a5;6^e)m$n§ n yf- y^y i: LT(07-t a i^'fl^^g 
{ft, A/D, D/Any/^-^ 1 3 1 T*A/D(Analo 
g DigitaD^^-r^il i:T% x-y'^fyl/M^il LT/^X 1_ 
1 0±(ctH;':-r?.i:i:t{c. /^x 1 1 0±Of'>*^;l'ffi 
^^SflL, A/D, D/Any/*?-:?? 1 3 1 XD/k 
(Digital Analog)^j^-r^i:i:T\ Ti'O'i^mWtL 

Xs nmcmtit^o 

[0 113] m^Wm^mi 4 0(i, 0iJAtf, i^-yy 
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(DLS I (Large Scale IntegratedCurcuit)'P<gfi)t$ 
n. m^iV^7. \ 1 0 ^:l>LTm$4a 2) a yry>yi: 

S ii i: t BjHgT'fe 0 . c P u 1 7 0 ogJtgtc J; o T^t7 

[0 1 1 4] ROM 1 5 C PU 1 7 OA^HtT-f^ 
^'^tSlflf 5o RAM (Random Access Memory) 1 6 0 

(i, CPU 1 7 0ojasKi3v>Tiiff$n5:^pi^^ 

U170a, ROMl 5 0, F^gP^t'J 1 8 0l?lClS*ft 

ff-rso 20 

[0 115] I2^ggl/F 1 9 Oti, ■ri?^?;!'^-^ 
SH2 0 0A^P)X-^^®E?fmL m^L) . f'^XX 1 

onciatit^tt^ic. 1 G^^Ytrm^n 

[0 1 16] il<Ox-^«iagS«> 0 3^fflV^TlttH^ 

(DNK) J&F*3lS;»<^-y 1 8 0tc1g«ftLTV^5„ ^J^ 

7^^-KOOOOi:. : KOOO, KOO, 

KO, K root i:;&x/WX/-F4^- (DNK) i: 

V I SOU. Kliif} I /F 1 2 0, 1 4 0, SfctilBli 

a^^Mi:LT, i^tt^m\:^--:ruy^ (ekb) 
)^^is? i: L T t ^ffl rIh6-??$. 

[0 1 1 7] 0 1 SlC/TN-Tr-^'jiailSlti, ^-y h7 40 

y-r:/7*iE«{cBiAbT, rtgP^^rU 1 SOtctS^ 
rtgP^^'J 1 8 0*^5)3 yry^^^^ffitTS* 

W^!lft+-7"D>y^ (EKB) (0^m\t^^Xm%^^ 
l^{ctSlfl$nfcx/Wxy-K+- (DNK) T'EKB 
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[0 119] (p>'xy>y^§i^ffia) 01 etcf-'-^^^a 
asfi»j:*3tt5 y A-/^7';neiiS@tj^-rs3>-rv 

[0 12 0] *-r, x-^sfsaasiti, x-i5fiB^i«i* 

m-rSEKB^SS^L, iBOr/WXy-K*- 
(DNK) ^ffll^TEKBtD«Wi«rllfTU EKB 

Ofi?iJT't±, U A-/^7";HB1«gStc1g|ft-r § n yr 
iCjlrtiS-fSEKBti-'^-v^ay : t£DEKBT'St)x -f 

B%?J?#bTx/WXy-K4^-^ il(73^^{iK000 
^fflV^TE K BiDa^^^fTUTyP-h^^-K ( t ) r 
oo t^^tJttJ-Tc 

[0 12 1] i^t. x-^iiaagsti. a^^ie^LT 

tD^fiit^aSti, ^•yh7-:J7> Sfclinyxy^ySB^JS 
e>^^# Lfcn yf- y«y >r y 

T'$. *) , ^^gi5A^e>3??# L/cn yxV-yA^^ 46n >-r V^y 

^y^-;Sr^^g|5*^?>5{t#Rlt^*l^ii, ccoa^tc»^< 
n ^^>y :^^-£D4fi!tSaa{i*iiiS ^i-gp*^ Ufc 
3yry^y+-*3ifflLTtJ;i>o *^3, c:tDJi-&T-fe 

ry'y+-%4fi)cLTt>ci;v\ 

[0 12 2] mz.. 0iJx(miStcS-i(i/^T^^L/c3y 
x>^y:^^-*$tfC E K B«lS»C<};oT«!?#L/'c;l/- h + 
- : K ( t ) root T'Bf^ikLT. 
^b-F^-tcJi^Bi^ltx-^? : E n c (K (t) ro 

o t. Kg on) ^VmiT^o 

[0 12 3] $e.lc, 4fi!cLfc3yx^/7+- : K c o 

n(cj;D, r-^5aass<^i D. 0>j^{f x-^^aas 

Bg^{tU Enc (Kcon. ID) Kj:0,7.hU- 

: K s t ^^m^o 
[0 12 4]:>JtC, I D^a>xy74^- : K c o nT' 
B§^{l:-r?)i:i:fC<t»35Efi!tL/cXhU-i^+- : Ks t 
^ffll^Tcnyry^y (DATA) ^Bi;f{bbT, Bg^^t 
nyy-yy :Enc (Kst. DATA) ^^filtrSo 
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CO 1 2 5] i:(r)J:^(CLT4^bfc=iyx>'>y+- : 
K c o n<7);l/->*- : K ( t) r o o t tCck§B|#{b 
"f—^ :Enc (K (t) root, Kcon) 3 
yj-yy (DATA) <DXYV-i/^~ : K s t tC<i;^ 
Hf^fkT-'-^ :Enc (Kst, DATA)^'J 

[0 12 6] x-^jaaOTi, coBg^ftnyxy^y 

Tt^o E K B 7 7 -f ;l'{i:ii$tcD@ 6 T'lJiB^ Lfci ^ {C 

[0 1 2 7] 01 7lciJi.-/^7;HS1iSgfc^§*ft$n 

K B 7 7 'r;Wi, -r-^^aS^atc^iiiH^U^nTV^S 
(DNK) ^fflV^TPgS>yU-«^ 
Iir'fe5;l'-h+- : K (t) r o o t ^aitfpj^ife E 
KBT'SSo S/t. x-:S'7 7'l';l/a. 01 B^fflV^T 20 

iliH^trcJ;9tc, ny-f y^y+— : k c o ncoyi'-h+ 
- : K ( t ) root tc j:i.Bf^{tT-^ : E n c (K 
(t) root. Kcon) uyfy^y (DAT 
A) <r>7.V]y-i/^- : K s 1 1 i^Bg^ftf-^' : E 
nc (Kst, DATA) EKB/^-v^ay^ 
il(D0£D^JcD^^(3:/^-'y*ay : t*^IB^$nfc« 

E K B7 7l';l/t^-&tl§«fl$n?.o 
[0 12 8] (r-^'H^MS) COcfcd^U A-/^7 30 

(DATA) ^^4-rS^^®iaiatCOV>T. @1 8«r 

[0 1 2 9] 01 8 OSaafiajli, iE^^3yxy;/»A 
#T-^*), UA-/^r;H51tS«K3:^xy>ylSlfl«iS 

^fT^o/tx-^masa (t>'WXO) tcJstt-Sny 

[0 13 0] fl*, T-^^^aaSBti, Uiv-/^7';H2 
1tgStCl«Sltt^?nfcx-^7 7'l'-'l/A^?)m-r?.EKB 40 

y^m^mmL. m%Ltu^~'y^ ytm c 

(D^jT-ti/^-v'a y ( t ) {cWtS-rS E K B 7 7^;l'^ 

u A-/ ^7';ne«sa*^ p) ^ti bT X- ^ ^!!iaggrt 

teiS^^n/cTZ-^-rxZ-K*- (DNK) ^fflV^TEK 

B <o^^«ia**?Tf L, ^my u -«^iiT**5;i/- h 

K (t) r oo X^mmt^o Ccr)EKB«^«a 
aiCfigi^-r^^ti. ^46EKB(D^^BjHg*-rVW7.y 
-F4^- (DNK) ^teifflU/ix/WXiO^il^So 

[0 13 1] Mt. ^—^vmmm^t. ua-/^7;hb 

1igBF*i<0r-^f77'l';I/*^e.=iyry>y:^^- : K c o 50 
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n^;!/- : K ( t ) root T'Bg^^bLfcx- 
^:Enc (K (t) root, Kcon) ^IXffL 
T. EKB5!iafi:j:oT®»Lfc;b-h+-: K (t) 

r 0 0 i^mmLfz.'mvmn:%Vi\.x. ny^yy^ 

- : K c o n^^tf-ri>o 

[0 13 2] f-^^jaaSfiti. fl?iJx.{f-r-^5[i 
aSB*^«^«iST-fen{f«|g#^. fe^vHi*(Dffi(^) 
S^SBT-fetxt^litsS^^HOl D^. Bftfbfcny 
ry^y=^^- : K.c o n^iiffl LTBg^fk : E n c (K c 
on, I D) LT, X h : K s t «:*^t 

^0 ci(D7.M/->'^- : K s tti. gS<DID{cS-:3 

[0 1 3 3] i^tc, x-^'iaaSBfis UA-/^7';HB 
1iSBrt<o-r-^'77-i';l/A^5)3yTy>y (DATA) 
<D7. h y>- : K s t tc J:§Bf^{tx-c5' : E n c 
(Ks t, DATA) til LT. ^figbfcXHU- 

: K s t ^ffll>T^#j!aa5:*fT-r5o C(0^^ 
Saatfiici^f -i>/cA6fi:ti. U A-z^^yHBItSHtcJ^-r 
3 yT^y^ytllft^natDl^tBi^fbKjiffl tfcx hb- 

'y^~ : K s t tm-<D7. h ^-i/>-A^4fi!t$ni.i2> 

mtf^h^o ^(om \ 8K:^-reij©%&> x-^iiiaasB 

nyry^y©1^i^^tT*o/c:iil§§-C^!?. 1 D^^'IrI-T' 
tf^%^ltn. Rl^ltr^yryy : E n k (Kst, DA 

TA) com^jcfigi^b. ny-ry'y®S4A^5itii:* 

[0 13 4] yA-/^7";i/ffi1iSat:3y7^y'y©^S«fl 

«!ta*fT*o/-cil^^S^5ilt§ti:i3V>Tr-^5tS4* 

Bf^jbnyf-y^y : E n k (Kst, 
DATA) (Dm.mf'mXiXtt. rnyxy^y^S^a^ 

[0 13 5] iioi^fc. :mm<Dmmzi^n{f. ua 

-/^7";HB1iSa(c1gl|ftLfcnyry^y:B4^0^R^ff 

i:tT. EKBjaatj;oT«^oiHfe^nyT:^^y+- 

T. 03tc^t->yU-1i^cDitt^©^*;l/-7°ti:gL. [5] 
-<DE K B^«#Rlftg*«^£Dx^W7./)^#af 

T'^-pt*,. 'J A-/'^:r;HBissfiti:*&aSLrc:=iyry 

IBmgfi(ctS*flL/cil-<Ox/U7.{c|5I^-r§ c i:*^Rl 

[0 13 6] (ayry^y@Bffl4Sg*{cfcit5nyxy^y 
• ^f-^yD-KJaa) ±2itfc3yxy^ylSJflj!aatt. 
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*g3<Dr-^$QaSS (PC. S^gg^ 

if) ic-tyhbrayT-yy^n^LXott^^-^ic 
[0 1 3 7] 01 g^fflt/^Tnyxy^yoiEteiS^fea 

[0 13 8] 01 SlfClt. m^li^-\£7.fu/U ^'if' 
3 0 Oi:, nyf-yy(D§iM^M3 0 0iJ'^::2yTy^y 

5 0 oif^.tnx^-'^o ^^SSA, 4 0 0 i:. 

SB, SOOti, 0IJ^l{f^^y*-K<Dc};3*UA-/^ 20 

7;HBtiSS6 0 o^ayf-yymmj^^3 0 oic-b-y 

[0139] 3 y-f E^4S* 30 0 CD^ifiKtCOV^T 

^n^T-VUXy-K*- (DNK) ^1211^13:3 7 0 

[0 14 0] 3>x>'>7Effi4S*3 0 Ofi, T—^Xm 
timm^'il^ o Klhtl I / F (Interface) 3 2 0, Bg^ 
®a¥S3 3 0, ROM (Read Only Memory) 3 4 0, 
RAM (Random Access Memory) 3 5 0, CPU (Centr 
al Processing Unit) 3 6 0, iB1i#IS3 7 0, UA- 
/^f)HS.'&^M I / F (Interface) 3 8 0 L, C n 

[0 14 1] xmtii /F 3 2 oti, ^Jx.tf^'''>ya- 
— *f *^ e. o 3 y X y » AiQStc^ ^ A:/j^«Qa 

■fSo B|^5aS^IS3 3 Ofi, fi?ij^{f, l^-yT'cDLS 
I (Large Scale IntegratedCurcuit)T'^tfiSt$tl, ^iJ^ 

Slfig^itOc Hg^Saa#l53 3 0lil^-yyLS 
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m^m (CPU) 3 60 (ommc ^ o x^ff -r 

[0 14 2] ROM 3 4 Ott, tJffll#g (CPU) 3 6 

T£DH^-r— ^%1§i|fl1'5o RAM (Random Access Me 
mory) 3 5 0«, MSI^IS (CPU) 3 6 0<DmmiCiS 

I'xmn-^ti^'fu^'^i^. iojcaVp^'^A^aatcio 

tLxmm-^n^o mm^m (cpu) 3 6 0(i, ro 
M3 4 0, iBii^as 7 oiFfctss«i^nfcyD^-vA* 

^f7L, Bf^Saa¥S3 3 0{i:J:?)Bi#iQa, T-'^<D 

yo- Ksaa^c#a=&ffl^aa©|lJSl^^^T•r.§o 

[0 14 3] IBIt^l I /F 3 8 Ott, D A->'^r;HB 
1tgM2 0 0(c5>f-rSr-^AtH:'3^SiJffli-r^o ii<D3 
yry>yBHfiss*3 0 oti, 0 3%ffli/^rui0^Lfc'y'; 

!9:§:^^— fe y hi: tTOr/WX/-K^- (DNK) 
^fB1t¥©3 7 OtClSl^ftbTV^^o fi^Jx.tf, x/WXO 
tcmt-^nyxy^yiamiS^S O OT'SnJf U.-7+ 
-KOOOOi;, y-K^-: KOOO, KOO, K 
0, K r o o t i:>&x/Wxy-K4^- (DNK) i: L 
TfB'ti^SS 7 OtCl^li^bTV^^c *t3, gBli¥IS3 7 
Oti, nyxy>yoiSilflm«i: UT, SfcW^^-^ 
P-y^ (EKB) (Dtgffl^iSRtLTfeffifflJnS. 
[0 1 4 4] 01 9{c5^-r3yxy>yiafliS*3 o otc 
U A->'^7;l/|B1SgS6 0 O^-tr-y h L, nyxy^yoD 

[0 14 5] 0ljK{i*S4SlA, 4 0 O^fiJfflLT^A 
nyr-y^ycDB^^^T'&Jo-p iif i.^— tfti, ny-fy 
^y © ^?'>> y p - F ^l^ff ? -^i- 5 'J A-^ ^ r;HB1tSS 6 

0 o^ayry^yEMSig^S 0 Ofc-fe>y h-rSo 

[0 14 6] nyxyyWAa— tfti, xm-n I 
/F 3 2 0%:n-LT, nyxy>y^Jg^t, ^5)1;:, S 
A, 4 0 0 <D I D i: LrcoM^tf«IS#^iF, «t 
m^mM(Dm9-'^^X-h-f^. 

[0 14 7] nyxy^y 62^14^*3 0 OcDMi, ^ttc 

01 6;&ffli.^TUi^LfcJiflai;{i(?|5]1««J!aai:^'3, 
01 TfcS^-ri^tcE KB77'i';l'i:x-^7r'i'^l/A^ 
'JA-/'?7";HB1«SHtc1g^?n5o 01 em^SL* 
*^p>, nyxy^yBaffl!iS*3 0 otD'J A-/^7;HB1tS 
16 0 OtcWfSr-^'^^fi^Mc-^v^TSiq^'rSo 

[0 14 8] ny-ry^yi2fiJS*3 0 oti, 03cD>yU 
-iSfi!c{c*3tt § x/U X 0 {cmf S «^ i: UTlfiB^-r 

5o ^*3, StSSA. 4 00tffc, 03CO'y'J-1i 

fig t tstt 5 i>-rn*^o 'J - 7 fc js-r 5 t x t-s 

f^gPlCx/WXy-K^- (DNK) ^ISIfltTt/^ 

[0 14 9] $-r, nyTy'yffi««5K3 0 0ti, 

If^^Atlitl I / F 3 2 0^:h-LTJi^tfc3yr y^ytc 
JtfSI-'SEKB^jSS^U gB<^r/^-i'xy-K+- 
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(DNK)^ffll/^TEKBcD«^JaiI^lltTL. EKB 
yyt,Clci]Z^t^EKBli^^-i/3y: tCOEKBT'fe 

0 , n >7is«iS* 3 0 0 14, len^s 3 7 0 e. 

X}l-h^~K it) r o o t ^Sititil-ro 
[0 15 0] i^tc, 3>'xy>yE{iiS*3 0 Oi±, Bg^ . 

saa^a a 3 o fcfev^raisf^rfg* LTasiti:»^< n 10 

mic^^j:^=iy7-yy^-ti^^^tn^cticrji:^, 

to. mi&Lki^oK. c(DziyTy'y^-(0±^^m 
a, ziyry^yti^^y'ryy^-nimy'-^X^mt^tiX 

^Xh-oX. nyf-y«y^-^i^gBA^e.^tfr^^^T'fe 20 

?iJi^t4> ccDgLI!(tcSo*< ny7-yy^~<D^^m^ 

[0 1 5 1 ] $e.(c. amcS^v^T^fiKLfcnyry 
>y +-*5tlc EKB Saatc J: o -rajtf Lfc;l/- h : 
K (t) r 00 tx^^{tLX. ziy7-yy^-(DfV'- 

h^-l^C^^mmtT-'? : En c (K (t) roo 
t. Kc 0 n) ^±^t^c 30 
[0 15 2] ^fi!tLfc3>x>"y+- : K c o 

niC^K). Aai:tl I/F 3 2 O^^Lr:i-+)'(Cj;»)A 

4 0 0 to I D i: LT<Dai^miSKm-r 5«iS#^^B§ 
^{bb, E n c (K c o n. I D) i X h U-i/ 

: K s t ^^fig-rSo 
[0 1 53] i^lc, 1 D^nyrV^y*- : K c o nT' 
Bg^{fr5c:i;fcJ:D*filtLfcXhU->'^- : Ks t 

^m^^'Xuyy-yy (DATA) ^Bf^fttT, Bg^ft 
nyf-y^y : E n c (K s t . D AT A) ;Sr^fiit-r§o 40 
[0 15 4] ilcOJ:^KLT*fe^L/'cny-f yy*- : 
K c o n(D)l-h^- : K (t) root iCi^Bf^fb 
•r— :Enc (K (t) root.Kcon) t. :n 

yry^y (data) : k s ttci^ 

^^fkr-^':Enc (Kst, DATA) ^UA-/^ 

[0 15 5] 3yf y>yi2<Iiffl*3 o on. c(D^mt 
ayryy^^tST—Siyr^flt. mfSEKB7 

^3, 1g|fl-r5EKB77l'-'l'i:r-:?77l';H4ffli:cD 50 



2002-31 9932 

36 

MX. E K B <0>' ^—V a Vlf SJ^ftita-r 5 C 
i:tC<}:0llt7T'^i.o E K B7ri';l/{Ctt^«Dia6T'iJi 

L /c <t ^ tc ^ ^- a y tf $a;^)Mt ip $ nr > ■?> <, 
[0 15 6] CKD-tdt;:. 3yxy^ygHfi!aS*3 0 0 
^aSA^eXtl^tlfcl D»cS-:5(,>TXhb-$^:^r 

- : K s t ^r^fiXL, ^fiScL/iZ h y+- : k s t 
;&ffit/>Tnyry'y^Bg-tfk-rSo UA-^^7";HStiS 
BfctS^flSns E K B 7 r i';l/i:-r-^'7 r i';UOfilJ5!t 

5tKlliR^tfc01 TOlifiiciilRl^T^t), EKB7 

[0 15 7] cKDjc'ptc, uyfyvWSM^zoots^ 
5, U A-/^7';l/fE1i»l 6 0 0 ttelft^nfcBi^ftn y 

Ty>y (DATA) ^s4-r5Ji^offist4. 9t\^mm 

[0 1 5 8] /cfct, 01 8«0«iaW4, E3<D>yU- 

mWijo^fi w ;^ til *3it ?) T / u X 0 ©iaa^iJT' d , 3 

yry^yE{8SS*3 0 0*'!x/WX0tc+gS-ri>i:{g^ 
Lfc^^, II4SHA. 4 0 0t4x/W7i0T'«^c<. 

^y^neiiSHtctssfl^ nfc-r- 77 -r ^bA^ e)*f /s 

•r 5 E K B / ^- a ylf B^tf Lfc/ ^- a 

yti$s. ii (Dt^jT'«/*5-e^a y ( t ) tcwitsf 5 e k b 

77 'T/l'* U A-/'57;H21SSS*^5)^t# LTH^^S 
A, 4 0 0(CtS*rt$nrc'r>'WX7-K+- (DNK) 
^fflV>T E K B^D^^Jaa^Htf h+- : K 

( t ) ^BJt#-r So c © E K B ^^jastcfiicSj-r 5© 

ti. ^ii)EKBO«^nIt^^r^Vxy-K4^- (DN 
K) ^;tS*ftbfcx/UX-efe?.o 
[0 15 9] 1K\Z.. S^ggA. 4 0 0t±, U A-/'?7" 
;HH'^gBrtOx-^77-r;l'*^&nyxy^y4^- : K 
c o n^;l/-h+- : K (t) r o o t -eBg^lbL/cx 
: E n c (K ( t ) root. K c o n) ^BJffL/ 

EKBjiaafcAoTi{t#tfc;i/-h+- : K (t) 

r o 0 t^3ifflLfcm^J!ia«rll?TLT, riy^y^y^^F 

- : K c o n^JKtffSo 

[0 1 6 0] i>:fC, S^SBA. 4 0 0J4I Dv f^fc 
•5«IS#^*, aj#b/-c:3yxy'y+- : K c o ntcJ; 
t)Bi^fk : E n c (K c o n, I D) LT, X hP— 
4^- : K s t ^^fi!c-r-5o h : K s t 

(i, nyxyyoUXmcnyry^yBBM^S^teaoo 

a— tf*^5,At/$n/cI D^cS■cJl^T4fi!^L/•cX^ 
Ix— y':^^- : K s t i:m—(0i>(0trj:^o 

[0 16 1] 'XiC. S^fe^BA. 4 0 0(4, UA-M7" 

;i/tBtigHi^«x-^77-r;i/A^e)3yf-y^y (DAT 
A) cDXhU-v^'^- : K s t ic.ii.Bf^ftf-^' : E 
n c (Kst. DATA) ^mtiibX. SfefilcLfcXh 
U-i^^- : K s t «rffll/^T«^«lS«:^fT-r5o CO 
a^JQati:fi!ci;/]-r^fci6tc{i, U A->'^.7";HE1iSBti: 

jt^-rs 3 yry 'yi^Srtsaiico^tcBg^^ttiijiffl l/-cx h 
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U-i^^- : K s t t^-<D7. h U-V>-A^^^?n 

^tiiffl^nS I D«S4ggA, 4 0 0«DSiS#^T 
^•3. I D*^|p1-T$)5<DT% x-^ISIrt^^lHl-OX 

nk (Kst. DATA) ommcimu ziyy'yy 
[0 16 2] UA-z^y-'HStiSBtcnyf y^ycDlSlft 

B, 5 0 0*^ uA-/^7;neitgB6 oo^mogit 

S^gfiB. 5 0 0{C-t<y hbTS^^IItTt<td 
i:tTfes S^feglB. 5 0 OT'fiS*?) I D (ffij^ff 

^msoo t\ V A-/^y;Heitgfi 6 0 0 tc n yr y 

[0 16 3] <i<D^viz. :^mm<Dmmc^nii. ^sp 20 
Lfc3yr>>yos*^*tT-rs*ffi: lt, e k Bja 

ate J; ^ Ta^oJ^^ 3 >'X y +-^^tf nlHg^X^ ^ 

TS^sn^o fifoT. 03tc^-r^yu-iifi!t«^t^<^ 

y;l.-:/(CJS L, |B|-<D E K B ^«^BIte*m©x/^ 

(c^iSifflL/cnyTy'y^S^olHg^x/^'i'xli. ay-r 
^'y^A^tclg^Lfcft-tOr/WXlcffi^-rsc: i:*'' 30 

[0 16 4] (3>7^>>y|B§i. S4S!ia->-'^>';^) 
>'>yoS±ffl,a»i:-Di,>r7a-j&fflv>TJ0.a^li*|ji^ 

[0 16 5] 02 0<D5aa7a-tCtJ!oT. UA 

^ t U fc*S^ t 3 yr yy^ V A-/^:r;HeigSBtc 
[0 16 6] tt. XfyfS 5 00 l{c:fel^T. UA 

-/^7;HB1Sgfiic;tSilfl-r5r]yxy>yiciiffl-r5 E K 
B7 7i';l/^^^f§„ T-^^&ilSBti, S*Wtct± 

aifi/^-v-'a ycD E K B 7 7-Y;K^)*%tss^ tri/^nts 

.kl/^*^ fiRJ^fi^lSOE K B 7T-<;l/«r1SiS^LTV^^« 
^tca, ^n6)<0EKB77-)';l/*^?>^fi©EKB^ii 

[0 16 7] X7-y:fS 5 00 2{C43V>T^ SB 

hT'feST/W7./-K4^- (DNK) ^ffl(/^rEKB 50 
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-K r o 0 t^fmt^o 

i0 16 8];^lC. X-r-yT^S 500 3fc*3i/^T. iLIS 
niR^L. uyfyy^-: CO r\-^^fS.t^o 
jb\ c:corjyxy'y+-<D^fi)tMi. ^■«-yh7-^. 
I^TcMzi yy- yvw^mmti' e HiJtf L n y r y -y *^ 
3yr>'y+-^fflv^TB|^fb$nTi/^^v^^-a-{ct® 

X yyif'^i6=i yy^yy^-ic^-o x^mt-^tix^^^ 

^^T'3&oT> :3yxy^y+-%i1-g|5*^e.B?t#^Hl'S:^ 
-a-tis ii<Dai!j{c»-^<=iyxy>y4^-04«Mi« 
^L, ^r|.gp*^6^t#Lfc:3>'ry^y+-^3ifflUT*,J; 

46Ta^fcSo'v^T n yr y 'y+-*4fi)c LT t cfc v\ 
[0 1 6 9] ij«;tC7.x-y:^S 5 0 0 4(C:fet,>T, ID*. 

yy-yy^- : K c o nfCiSBg^fk : E n c (K c o 
n. I D) K s t «r4fi!t 

(S 5 0 0 5) -rSo 

[0 17 0] 5?)^, Xx>yyS 5 00 6fCt5V^T, E 

KB^!Qii(Cj;oT5Jf#Lfc;l'-h^- : K r o o t (Ci 
13, nyf-y>y+- : K c o n<DBg^fl:$aii:&||tTLT 
Enc (Kroot, Kcon) ^^fiit'f ?>o 
[0 17 1] XT>y T'S 5 00 7fCt5VT, U 

A-/N"7';HB1SSB{^^S^rt-r^riyT-y'y (DATA) 
*X h U-iy^- : K s t T-Bg^ibMil^Htf LT E n 
c (Kst. DATA) *^^U Xx'VT'S 5 00 8 
t*3t/^T, E KB77-<;l'i:v Enc (Kroot, K 
con), Enc (Kroot. Kcon) ^tSSflt/c 
T—^y7^)li:^m-~mr^J A-A:7;HBtig@tc: 

[0 17 2] HZ l<DSaa7n-{cef-pT, ^y 

[0 17 3] S-r\ 6 00 1 {CtSl^T, a- 

HfcD-tr >y h Lfc 'J A-/^7";HBiiSB{c1^»S-r 5a— >f 
Ji^©n yy'yyicmmt^ E K B 7 7-r;b?:S5?-r 
5o iMC, XT>yyS 6 0 0 2li:^V^T. Sfirtlct&*ft 
$nT</^i.U-74^-> y-K+-£D*— b-y hT'S5 
x/WXy-K*- (DNK) *fflV^TEKB©m^5{l 
ii**f7LTP§«'y'J-i|SfiKllT-*?.;l'-h^-K r o 
o t ^WLmt^c 

[0 17 4] Xr-y^S 6 00 3lc*5i>T, 
*^4U nyry^y*- : K c o n^^sSt-rSc ^ 

a, ny-r^'yA^rnyf-y^y^-^flK/^TBi^fk^tiT 
i/^!5:v>Ji^tcfe3ifflnI*gi:-r5fci6co«iaT*feO. 

■ry'y3!)^^'J63yTy>y*-(cj;oTBg^{t?nTl''i) 

^^TfeoT> =iyf-yy^-^9^m^^^mm^r'^ 
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[0 17 5] ^^iCXTy/S 6 0 0 4t«5l''T. 9* 

glcfei/^T I DtDny^y^y^- : K c o nic^^tsm 
{fc:Enc(Kcon. I D) ^UtrUTX hP—y+ . 
- : K s t?:4fiR (S 600 5) fSo 10 
[0 17 6]2?>{C> Xx-yT'S 6 0 0 6fC^3V^T. E 
KBS!ia{i:i-pT^#L;rc;l/-h+- : K r o o ttci . 

t), : K c o iKOBi^fkjaa^iifTLT 

Enc (Kroot, Kcon) ^4fi!tt"5o 
[0 17 7] t?>{C, Xx-y7°S 6 0 0 7 {C^'l/^T. U 
A-/^7;H21iSatCl!Slfl-r5n>ry>y (DATA) 
h U-i/^- : K s t T'Bi^fMa^lItT LT E n 
c (Ks t. DATA) ^^j^L. 7.x-y:/S 6 00 8 
tCfelz-'T. EKByr^Jl't. Enc (Kroot, K 
con), Enc (Kroot. Kcon) ^^S^Lfc 20 

[0 17 8] i^tc. 0 2 2©5aa7D-ti:iJ^-3T, 'J A 

[0 17 9]S-f, Xr«yys 7 0 0 nc*5l/^T> 

-/ 7;H21tgH*^ e.S4-r?i3yxy-y{c}iffl-r5E 
KB77-i';U^3i»?-r5c EKB77-i';bcr)SS?tis ^ 

EKB77-r;l/>&UA-/ ^7";bS51iSB*^ ©fil" S ffi 
Si: LTUff ^tlSo Xx>yys 7 0 0 2{C*3V>T. E 

KB?5^^f^c^:S]U/•c^i-&^i, -XT^T-yzficm^. ekb 

*^^fiTt;5:l/^«^{i, X7- (S 7 0 1 1 ) fc LXm 
[0 18 0] i^tc, 7>r>yys 7 0 0 3tci3i/^T, 

rtcts*fl$nrv^5U-7+-, /-k+-©+— fe>y 

hT'S^X'''^'l'X/-K+- (DNK) :&ffll.>T. UA 

^7;H2iiSH*^ 5> L E K B O^^MS^^iT 40 
LTPgl^y U-!l^ST-fe5;l/- h*-K r o 0 t 
mt^o h+-K r o o t mmc^PlLTc^^ii.. 
'Ax^r-y-flcm^i: ;l/-h+-K r o o t«#T't:* 
V>^^1±, (S 7 0 1 1) t LT^aatii^Tf 

5o h4^-K root T't^SrV^'^^ttx 

[0 18 1] i^tc, 7.T'yyS 7 0 0 5(C*3V>T, 'J A 

f-y^y : E n c (K s t, DATA) ^m^Hito 

Jc. UA-/^7;HBtgSH<0*S*Ar-^7 7-i'yl'*^p.Bi 50 
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40 

^{t3y-f>>y+— : E n c (Kroot. Kcon) 
^Ik^W UT, X-r-y ys 7 0 0 3 t-O E K B^^^a 
fCj;05{t#U/c:7l/-h+-K root Tm^^m^n^ 
l\ rnVry^yi^-K c o n^fii) (S 7 0 0 6) » 
[0 18 2] Xx-y^S 7 0 0 7{i:*3i.^r, §5 

<o I Dfcw-rsny-f y^y^-tciSBi^^k : e n c 

(Kcon. I D) ^11^7 brXhU- K s t 
^^l&t^o '^t, Xx-y^S 7 0 0 8iC*5l^T, 'J A 
-/^7;H2iiSB«Dt&*flf'-^7 7-r;l/^*til LfcBg^ 
ftnVxy^y : E n c (K s t. DATA) *x 4fi)tb 

rcx h : K s t ^mm Lxm^mm^mnt 

[0 18 3] Xx'yys 7 0 0 9{C^I/>T^Wfi!c:S(jL 
fcfcW^:Sn?)i:. XT--y7°S 7 0 1 0TB4^ff& 

Xx-y^S 7 0 0 9(ct3V^Ta^^Kf<^)^^ti> x 
7- (S70 1 1) tLrmmUMJt^o Xx-yT'S 
7 0 0 7 t:6l/''T I D tS-ifl/>T*fefiRLrcX h l^-i^** 

afC^oV^TJiffl L/cX h X 
7-i:*5o XHx-v'^-^fiKtcJiffl^n^ I D*^S 

[0 18 4] ^i3. ±Bmmm(Dmm(D^x{i. mm^ 

^Bg L/c3b\ U A-/^7;HetiSB3!)^r-^5aa*ite^ 
Wr5^-&«. S3feSMtLT<Dx-^fMagBfe5v^ 
ti n y X sa^SiS* i; . 'J A-/^7';HB1iSB t(Dm 

[0 18 5] wm(Dmmm^^mLrj:t)^^^ *^ 

[0 18 6] ^^3. mmvpic^^^xmrnLtz-mo^m 

(om-^mmc^^xmnt^ctif^mx&^o 77 f 
•i'x7jcj;5saa*^tT-r?.^^{±. mmi^-'ryT.^ 

nrc n y If a - ^ U t yx h U TlItT? 

fe?.iHi. Sajaa^^MTBItl^iRfflnyifa 
-^^ 7p ^^"7 :/x h LTHR^-frS c: i: 

[0 18 7] •/uif^KimmmwtLxo^^ 

-K-r I- X^-^ROM (Read 0nlyMemory){C^i6|B^L 
Tfc< ili:*^Tt5o feSi/Hi. 7'n>^-^Ai±7a-y e 
- (ISIK^) •r-i'X^'. CD-ROM(Coinpact Disc 
Read Only Memory), MO(Magneto opticaDrV X^', 
DVD(Digital Versatile Disc), M^T-fT.^. 
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[0 18 8] J&fc. yn^^AJi. ±iEL/cJ;^*KIS 

-K+)--i' nyif^-^tcM^fEiMLfcO. LA 
NCLocal Area Network), ^y^—^^y h t^^-:>fc^-y 

[0 18 9] Bmmir:ad,m-^nrc^m<Dmmiis 

[0 19 0] 

[fRiwwjsb*] j.x±. mmLrci:^ic. ^^m(ommm 20 
mm\L^--:ruy^ (ekb) jastior^^Ri 

[0 1 9 1 ] $e.{c. ^^mcommtim^m. mmn^ 

ffibrcnyry>ycr)SS^M7-r5^ffi:LT> EKB 

mmici.-ox'i^^^m^ji:=iyr-yy=^-^m^^^^j:T 
Lxm^oimtrso. m-<DEKB^mn'^^^jim^<D 40 

gBtctS*ftLfc3yTy>y;g:S4oI|g^r^W7.{i. n 
[0ffi©1S**iKW] 

[01] *f|g^©->XrAO^Ifflei:t:^IKW-r50T'fe 

So 

[03] *f|B^«->7>xAt:6tt§^8l+-. r-^<D 50 
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m^immic'D\^^xmmt?>y v-mtrnx'^^o 

[0 4] *fg0^cD>';:^TAJi:*5(rt5#a4^-, ■r-^'O 
E^ijfCfi!ffl$n5Wm^-7D'y^ (EKB) ODP^ 

[0 5] *|gs^(D$^X'rA{ct3n:^§3yr>>y4— <0W 
afk+.-::'"a -y (EKB) Lfcffi^B^J i:«^ia 

[0 6 ] *f|0^(Di/Xr AtCfctt ?,Wa{b+-:7D >y ^7 
(EKB) (D7*-V<y h0iJ*^-r0T'fe5o 

[07] :^nm<o'yx7-Licmf^^mit^-:^ti"j^ 

(EKB) CD^'^*©Sfi!t*iJiB^-rS0T-fe?)c 

[0 8 ] *f|B^(D>'XxA{C*5tt5W5e!)lb+-:7".n >y ^ 

(EKB) 3>'xV*y^-^ 3>"ry'y?:^-y-TE 

{§ -r s X - ^ iSfiSt«?ij ^ 5^ -r 0 -e s i. o 

[0 9 ] ^feB^cDv-X-r AtcisCt §^^{t:+-:^a ^ 

(EKB) i:. nyxy^y*-, 3yx>^y%^-a-TSa 
mbrcm^<07'fU7.x<o9mm^7ntmxh^. 

[01 0] *||B^C0i/XxAlCt3tt5W^ib4^-7a>y 

^ (EKB) t::iy7'yymsMmmc^mLtcm-^<o 
i^it^icoi^xmmt^mx'h^c 

[011] *fgB^<^i/XrAtc*3lt5|igM'yU-Sl3i<D 
[01 2] *l8B^cDv'XxA{ct5it§ffis§fl:W5?i)fb+- 

:rp>y^ (EKB) (o^fimm^mmt^mx&^o 

[01 3] *%B^(D>'XxAti:feit5W5c!j{t;4^-:^n>y 

^ (EKB) (D^fiRiSg^lfiB^-r§0T'fe-5.o 
[014] 3|s:^W©i/XrAJct5tt5®liiS{kW^{t+- 

:rn-v^ (EKB) ^f4B^-r50T'fe?)o 

[01 5] *li^©'>7.f-A{i:t5tt?.x-^W^SHco 
«fi)cfiaj%^-r0T:-feS„ 
[01 6] ^^^Cv-XxAtCioltS. UA-/^7^l'tB 

itSBt- «-r 5 X- ^ ^Si^^aafi^j^^-r 0T' ^ § „ 

[017] *flWOi/7>f-AtC*5l/^T, UA-/^:/;He 

^mmiciismt^T—$'m^7ntmx'h^o 

[018] ^HB^^i/XrAlCiol/^T, UA-z^T'/He 

[01 9] *%W©S^XrAt*3>/'>T, ayr:x^ySHi 
iS5R*^e><oy A-/^7;H21t^B{i:5^-r5r-5f*SiW«Q 

a^j^5^-r0T'S5o 

[0 2 0] ^fg^cD-^Xf-AtiSi/^r^ 'JA-/^7;He 

i^^mi^::3yy-yy^^Wit^mmyo-:^^.tmx$> 

[02 1] ^fg^tOi/Xf-Atctsv^T. nyf-y^yEil 
6 <D 'J A-/ ^:r;i/f BUSfitc jt<fr 5 X- 

myr3-^^stmx$>^o 

[0 2 2] ^HB^iDv-XxAtCiol/^T. 'JA-/^7;He 

[?9^<OS4B^] 

10 nyry^ySSfs^S 

1 1 ^'y^— ^--y h 
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1 2 <trSS5]tg 


* 1 0 0 


jrf, M hn XSiti:^ 


1 3 


1 1 U 




1 4 :3V7-V^ygBfB4S7l^ 


12 0 


T lu -Ii t y 1? 
Atti/3 1 /F 


1 5 U A-/^:/;l/feti^fi 


1 3 0 


Xtiit} I /F 


2 0 -r-^^jaa^s 


1 3 1 




2 1 V':^;l/3ylf a— ^ (PC) 


1 4 0 




2 2 ^?:/;i/r/W;^ (PD) 


1 5 0 


ROM 


2 3 ^^BsS> PDA 


1 6 0 


RAM 


2 4 ie^s4§§x y-i*ss* 


1 7 0 


CPU 


2 5 S^Sl 


10 18 0 




3 0 sBti^S 


1 9 0 


^— ■ .L-«V- coa T y T> 

sfiliSS I / F 


4 0 raVxy^ySBfiSS 


2 0 0 




5 0 nvxy-yiE^iWAas* 


3 0 0 




5 1. 5 2 yi*-''^::'";i'ieitSB 


3 2 0 


AtB;': I /F 


6 0 nyxy>y|fIEMWAilS5R 


3 3 0 




6 0 1 v'a y 


3 4 0 


ROM 


6 0 2 -r 


3 5 0 


RAM 


60 3 r-^'l^-Yy^? 


3 6 0 


^r^¥© (CPU) 


60 4 ^^if-^y-^ 


3 7 0 




6 05 a^^^'fy^' 


20 3 8 0 


ieiig@i/F 


6 0 6 


4 0 0, 


5 0 0 


60 7 ^f^^'gP 


600 




6 0 8 


* 




[HI] 




[010] 
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[02 0] 



61 



A 



(ax >^'Jjl-K) I' ^ 



PC* 



1/ 



52 



1 'JA- 











S5O01 



S5002 



ssooa 



r 



S5005 



Ene(Koen. \0)\ZM^ 

i 



ssooe 



;U-H*— (Kfwrt)-CI»<fcUT, 
EneCKreot Koon)^A 

I 



86007 



■7=— 



ssooa 



Eno(Krook, Kc»n). EncCKst DATAX-fi^C 



CEO 



.^«^,K0O10 /kDIOO KOI 10 K1000 K1010 KtlOO K1110 

S)^001 "jifioil K0101 KOni K1001 K1011 K1101 Kill! 

O 1 2 3 4 6 e 7 e O 10 11 12 ia 14 16 



(25) 



#gfl2 0 0 2-3 19932 



[04] 

(A) *<&fl:^^Pv^(EKB:EnabnnB Key Block) A1 



(B) Mfl:^:^av^(EKB: Enabling Ki»y Blook) fl2 



[06] 



601 



6oa 



2;3>(VarBlon):t 






o 


Eno(K<00. K(t)rotit) 


00 


Eno(K(t}00. K(00) 


000 


Enc<KOOO. K(t)OO) 


001 


Eno(K(t)001, K(OOO) 


0010 


Eno(K0010. K(k)OOI) 



60S 



S>aXVenBion):t 






ooo 


EnoCKOOO. K(t)OO) 


001 


Enc(K(t)001. K<t)00) 


0010 


EneCKDOIO. K<t)001) 



(version) 


(depth) 


{Dmim pointmr) 


(Tas pointer) 


(Signature pointer) 


(rasarvsd) 


X-*»(E<kO. Krool). ...) 


*yB({0,Ol. (1. 1). «) 


V4&(SlffnabJro) 



602 



804 



606 



60S 



[05] 



5^1/(Vermlon):t 






000 


Eno(KOOO. K(OOO) 


001 


eno{K(t)001. K(t)OO) 


0010 


EncCKCOIO. K(OOOl) 


Enc(K(t)00. K(Ooon) 



KOOO 



— I 



K(t)00 



» — I 



K(Oeon 



KOOOO 



X/<-fXO 
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803 



(•) 



EneCEKa KEK] 



802 



Ene(KEK. Keon) 



SOI 



s 

EhctKoon. ContenO 



<b) 



804 



En«(KEK. Koon) 



Ene<Keon. Contenti) 



Enc(EKB. KEK) 






Eno(KEK. Koon) 


EncCKoon. Contents) 


4 



•J>^#1 Enc(KEK. Koon) Eno(Keon. ContontS) 
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[09] 



imz 1] 



7D9^(EKB} 



EKB 



EnoCKDOO. K(t}O0} 



Ene(K(t)O01. K(OOO) 



Ene(K0010. K(00O1) 



KEKCKEQ^KCOOO}-? I 



Enc(K(t)00. Kcon) 



EncCKoon, Content) 



KOOO 



p EKBflUB 



K(t}00 



Koon 



i S60 01 



S6002 



irak-^tx-cEKB«yatstffLx 



seoo3 



S6004 



S600S 



Enc<Kcon, ID)lZj;y, 



S6006 



a^y-V*!/:*— (Koon) ( 
Eno<Kroat, Koon)^|ft 



S60O7 



Eno(Kst DATA)*±j4 



S6008 



EKB3>T-rVl^^ 
Eno(Kroot, Koon), Enc(K»t DATA)t^C 

5^— 5i7y-f^iHfeyi*-yr7;He«Mlcai* 



1 1] 



1101 



iioa 




1107 



110fi 



1109 



A AAAA AAA- 
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Kin 



Kreot 




<b) 



[01 3] 








{0,0) 


EnoCKCOO, K(t)raoO 


(0, 1J 


Ene(K(t}1. K<t)root} 


{0. 11 


Eno(K(000. K(0O> 


(1. O} 


Eno(K(t)01. K(OO) 


iO. 1) 


EnoCKCOlO. K(t)1) 


iO. 1) 


Ene(K(0OO0, K(t)00) 


(O. 11 


Enc<K(0011. K(001) 


(1. 0) 


&ie(K(0lO0. K(t)10) 


n. 1} 


EnoCKa. K<t)0O0) 


(1. 1) 


Ene(Ka K(0011) 


n. u 


Eno<K). K(t)100} 


Ene(K(t)roat K(Ooon) 



(b) 
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[014] 

tt«<tUt=*»<t4—:^P^r^(EKa: Enabling Koy Ble>ck)tfflU>fc 








{0, O. 1) 


&ie(K(0O. K(t)roet} 


<o, 1. 0) 




iO, 1. 0) 




{1. o, O) 




(a 1. o) 




la 1. 0) 




(0, 1, 0) 




n. 0. o} 




{1. r 1) 


Enc(Ka. K(t)O) 


11. 1. ^) 


enc(Ka K(00) 


ii. 1. 1) 


EnoCKK K(t)root) 


Eno(K(t)root. KCOeon) 



(b> 



[01 5] 

100 



< 



120 



130 



< 



3; 



A/D, D/A 



131 



140 



(ax. ae-^LSI) 



110, 



160 



160 



^ RAM 



170 



CPU 



(DNK. 
EKB, 



190 



200 

J 
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imi 6] 



U)EKB 

EKB:/<— i^>t 

Eno(K(00. K(Oroot) 



Ene(K(t)00. K<00} 



EncCKOOO. K(000} 



Eno(K(t)001. K(OOO) 



Enc(KD010, K(t)OOI) 



(c)ID 



Content 



KOOO 



EKBA9 



KCOroot 



Mr— K<t>root 



ENC(Koon. ID) 



1-^ Ene(K(t)feet. Koon) 



Eno(K^ contonO 




/<--5>3XVorBlon>:t 






O 


Ene(K(t)0. K(t}«oot) 


00 


Eno(K(t)00, K(t)O) 


ooo 


EneCKOOO. K(t)OO) 


001 


Eno(K(t)001. KCDOO) 


0010 


Ene<KO01O. K(t)OOI) 



Eno(Kroot, Koon) 



Eno<Kst. OOr«rTENT(DATA}) 
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[01 8] 



(o)ID 



EKB:/<— i;a>t 



Ene(K(t)0. K(t}roat} 



Enc(K(t)00. K(t)O) 



Enc(K0O0. K(t)OO) 



Enc(K(0001. K(OOO) 



EneCKOOIO. K(t)001) 



Enc(K(t)roat. Koon) 



Eno(Kst. ContenO 



K(t)root 



3 



Koon 



ENCCKoon, ID) 



[01 9] 



ll««A^400 



ji 



□ 



[i](gl(fiD 
6) [&}(&) 



ElBlEiEil 











840 



ROM 
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imz 2] 



S7001 




i:iai-:Jt>TEKB45i«€*fTLr 
JU— Mr— ( KrooQ tggft 



fi7004^ 




S70O6 



Enc(KKt. DA TA)»»^ai-r 

♦ : 



.SZS208 



87007 



EnoCKcon. iD)(Z^U, 



BH^VrV^yrEnoCKst. DATA)^ 




Ye« 6701 0 



_4_S7011 

zn — 



